INC-143320 · Issue 602281
Support added for email addresses with hyphen in domain name
Resolved in Pega Version 8.3.5
When attempting to enter a email with a hyphen '-' in the domain part of an email ID ([email protected]), the reply button was getting disabled. This was caused by the regex validation implemented in the "pzValidateEmailAddress" (Work-Channel-Triage-Email) standard activity not covering all the possible cases. To resolve this, regex has been changed to instead use a platform-provided rule to ValidateEmailAddress.
INC-139300 · Issue 590273
Additional security for encrypted passwords
Resolved in Pega Version 8.3.5
Handling and cleanup has been updated for encrypted values to enhance security.
INC-141296 · Issue 592474
Log-access security updated
Resolved in Pega Version 8.3.5
Access control has been updated for Log-Usage class.
INC-139337 · Issue 595222
RefreshRequestors security update
Resolved in Pega Version 8.3.5
Security improvements have been added for RefreshRequestors.
INC-135349 · Issue 583004
Unit Test Ruleset rules do not count against Guardrails
Resolved in Pega Version 8.3.5
Although the documentation indicates that rules in a Unit Testing ruleset should not count against the guardrail score or unit test coverage, when branching a unit test ruleset, the branch did not carry the same unit test flag value as the source ruleset and the rulesets were counted as a result. This has been resolved with an update to ignore testrulesets in guardrail and pegaunit calculations.
INC-128923 · Issue 594162
Cross-site scripting security update
Resolved in Pega Version 8.3.5
Cross-site scripting protections have been added to OpenNoteDetails.
INC-143136 · Issue 604016
Cross-site scripting update
Resolved in Pega Version 8.3.5
Cross-site scripting protections have been updated in Designer Studio.
INC-202878 · Issue 713790
Handling updated for social messaging items with very large embedded images
Resolved in Pega Version 8.7.2
Job scheduler was running out of memory while handling large/multiple files, causing nodes to crash while handling Social Messaging items. Inline images were also not being sent in the ACK email. Investigation traced this to a custom job scheduler and activity used to create PDFs from email communication and send the PDFs to a third-party system. This used the standard Email Triage/PegaSocial functionality for the emails, which were stored as instances of PegaSocial-Message. The custom Job scheduler and activity then leveraged the Data Page D_pxEmailPosts to retrieve the emails in order to harvest the text from the emails. The issue occurred when a number of the emails had multiple or large embedded images in them, meaning the PegaSocial-Message instances are very large. This resulted in the node running out of memory and crashing. To resolve this, code has been added to support inline images in ACK email and the complete message from Pulse will be used instead of the original message as the email body for the ACK email.
INC-211417 · Issue 711610
Updated URL construction for inline images for better performance
Resolved in Pega Version 8.7.2
System slowness was seen, and inline images were not getting displayed when the case was opened. This has been resolved by modifying pyExtractHtmlFromAttachment to ensure the image source URL is built in a consistent way whether or not there is a cache to call from.
INC-212549 · Issue 706073
HTML attachments conditionally shown in email listener cases
Resolved in Pega Version 8.7.2
When Rich text/html (non-plain text) emails were ingested in email, the original mail was not getting added to the case. Investigation showed that the pzCreateTriageWork activity had an explicit delete step to remove any attachment that started with 'email-content'. Since the HTML attachment name starts with 'email-content', it was deleted in above activity. This has been resolved by adding a when rule named 'pyLinkEmailTriageContentHTML' which will conditionally show email-content.html.