SR-A24598 · Issue 247394
Apache Struts updated for security
Resolved in Pega Version 7.2.1
Apache Struts has been updated to version 2.3.28 to protect against potential security vulnerabilities exposed when Dynamic Method Invocation is enabled, removing the ability for remote attackers to execute arbitrary code via method: prefix, related to chained expressions.
SR-A27900 · Issue 248758
24-hour clock enhancement for displayReportSection
Resolved in Pega Version 7.2.1
The new option "Support 24 hour format for time?" has been added to displayReportSection to allow the date/time in the Charts 'Show Data' display screen to use a 24-Hr format.
SR-A4613 · Issue 227870
Updated logging for "Obfuscated URL tampering" errors
Resolved in Pega Version 7.2.1
The error "pegarules.util.URLObfuscation) ERROR - Obfuscated URL tampering - unable to derive cleartext data" was being logged when the "cookie/HttpOnly" parameter was set. This was traced to the unobfuscating of data failing at the server end, and the loggers have been updated to print requestor data for better diagnostics.
SR-A4719 · Issue 230767
Fixed improper ID carryover after reset all loggers
Resolved in Pega Version 7.2.1
When a user reset the logs, the same user ID was then being populated in the log entries of master agent and requestor lock exceptions from that point on even when the exceptions were from other users. This was due to the username not being cleared correctly after the reset all loggers operation is done, and to fix this, the reset all loggers functionality has been changed such that no data from main thread is copied onto the child thread(the dispatcher thread).
SR-A8475 · Issue 233560
Fixed Multiselect grid drag and drop
Resolved in Pega Version 7.2.1
When using MultiSelectList Control, if a value was selected and then 'submit' was used to populate the Grid's data, dragging and dropping the Grid's row to some other workbasket did not work. This happened because the clipboard calls the remove property with a symbolic delete when doing a drag and drop. While processing this delete, if the mode of property was unknown the system was unable to look up the property definition in the dictionary, and an exception occurred. To fix this, handling has been added to lookup the definition of the property if it is unknown before removing it.
INC-146098 · Issue 633722
Keyboard shortcuts work in Decision Trees
Resolved in Pega Version 8.3.6
Keyboard short cuts in Decision Trees used to copy/paste by holding ctrl button in Decision Trees were not working. This was an unintended side effect related to changing non-auto grid to an auto-generated hierarchical table to make the Decision tree rule form multi-browser compatible, and has been resolved by adding cut/copy/paste/insert-after/insert-before functionality to the decision tree context menu.
INC-151662 · Issue 626576
Handling added for application which includes production ruleset
Resolved in Pega Version 8.3.6
When creating the Email channel or Webchat channel, the Text Analyzer and its respective class (Data-Decision-Request-MCP-WebChat-xxxxx) was being saved in the ruleset of the built-on application while there were rulesets open in the top application. This was a missed use case, and has been resolved byupdating the logic to account for the scenario where an application includes a production ruleset.
INC-164944 · Issue 636290
Logic updated to handle decision trees over 64k
Resolved in Pega Version 8.3.6
An exception was thrown when decision trees reached the 64K size limit. This has been resolved by modifying the logic in the DecisiontableMethodBody Rule-Utility-Function where the split size PropRowLimit is based on the number of columns.
INC-169112 · Issue 647080
Decision Trees refresh after updating a new row
Resolved in Pega Version 8.3.6
Updating a decision tree row did not display the updated data until after save and refresh. This was traced to the first row not meeting the condition for refresh on change because the first row was created as part of the decision tree creation, so the data was not persisted and the update was not registered as a change. This has been resolved by adding explicit handling for the first row to persist its expression string and show the data as entered.
INC-149143 · Issue 613140
Report category error messages made accessible
Resolved in Pega Version 8.3.6
In order to improve accessibility while creating new reports, labels have been added to the error messages on the category name field.