INC-133583 · Issue 584923
Rest connector supports extended chars in attachments
Resolved in Pega Version 8.3.5
When the pyRequestAttachmentPage clipboard page was populated with a file name that contained Latin supplemental 1 unicode characters (decimal values 160 to 255 - for example an umlaut), any extended characters were being converted to question marks (?) before the call was sent, causing the web service call initiated by Pega to fail. To better support this use, an enhancement has been added to support a multipart request with extended characters in the file name. This allows the pyRequestAttachmentPage to specify pyFileNameExtendedChars, allowing RFC 6532 mode to be toggled for multipart requests with attachments. This mode allows for UTF-8 encoding in the attachment file name header, rather than the default ASCII encoding.
INC-143461 · Issue 601841
Updated JSON DT nested page property handling
Resolved in Pega Version 8.3.5
In a JSON data transform, when using an "Update page" step on a single-page property, as a child step of an "Append and map to" step where a pagelist property is given, the pagelist was populated with only one result but the single-page property was treated like a pagelist and received multiple results. This has been resolved by updating the ClipboardJSONDeserializer implementation and downstream abstractions to support "clipboard only" relations as properties in nested PageLists.
INC-139297 · Issue 601421
JSON content type update
Resolved in Pega Version 8.3.5
An update has been made to ensure the content_type is set to application/json for JSON response.
INC-139300 · Issue 590273
Additional security for encrypted passwords
Resolved in Pega Version 8.3.5
Handling and cleanup has been updated for encrypted values to enhance security.
INC-141296 · Issue 592474
Log-access security updated
Resolved in Pega Version 8.3.5
Access control has been updated for Log-Usage class.
INC-139337 · Issue 595222
RefreshRequestors security update
Resolved in Pega Version 8.3.5
Security improvements have been added for RefreshRequestors.
INC-135349 · Issue 583004
Unit Test Ruleset rules do not count against Guardrails
Resolved in Pega Version 8.3.5
Although the documentation indicates that rules in a Unit Testing ruleset should not count against the guardrail score or unit test coverage, when branching a unit test ruleset, the branch did not carry the same unit test flag value as the source ruleset and the rulesets were counted as a result. This has been resolved with an update to ignore testrulesets in guardrail and pegaunit calculations.
INC-128923 · Issue 594162
Cross-site scripting security update
Resolved in Pega Version 8.3.5
Cross-site scripting protections have been added to OpenNoteDetails.
INC-143136 · Issue 604016
Cross-site scripting update
Resolved in Pega Version 8.3.5
Cross-site scripting protections have been updated in Designer Studio.
INC-147873 · Issue 610865
Custom header character encoding for Subject added
Resolved in Pega Version 8.5.5
Case correspondence that contained a Subject with accent characters such as "Invitation à être" was being rejected by MailJet on the basis of encoding issues on the "Thread-Topic" when using custom headers. The error "BAD HEADER SECTION, Non-encoded non-ASCII data (and not UTF-8)" was generated. This was traced to the Send Email Smart Shape handling when using custom headers, and has been resolved by encoding the Subject before appending it to the Thread-topic header while adding custom headers.