SR-A8788 · Issue 217912
Updated reference mapping to resolve JMS error
Resolved in Pega Version 7.2
If the Request Message Type was set to Map on the Service Tab, adding message data on the request tab to any connect-jms or service JMS rule failed to save and generated the error "Message Key value must be specified for map messages". Setting the same information on the Message Properties area worked as expected. This occurred due to improper mapping of the property references, and the mapping has been corrected.
SR-A2779 · Issue 213357
XMLSecurity library updated to ensure proper SAML STS token signature verification
Resolved in Pega Version 7.2
Classes of Repackaged version of XML Security library were conflicting with JDK/container and causing sporadic signature failures. The ApacheXMLDSig which gets registered as part of the initialization of WSS4j often conflicts with the providers with same name but loaded earlier during server startup. This has been resolved by modifying the XMLSecurity library to register the provider with a different/unique name that will not conflict with any of the standard registered providers.
SR-A589 · Issue 218042
CRLF payload protection enhanced
Resolved in Pega Version 7.2
In some cases, CRLF characters in thread names were not being caught in thread name protection, causing a 303 response and allowing the CRLF characters to be executed in the response back to the browser. To ensure expected behavior, the Location header value will have CR, LF and . removed when PRPC is preparing the HTTP redirect (303) response.
SR-A10706 · Issue 220688
CRLF payload protection enhanced
Resolved in Pega Version 7.2
In some cases, CRLF characters in thread names were not being caught in thread name protection, causing a 303 response and allowing the CRLF characters to be executed in the response back to the browser. To ensure expected behavior, the Location header value will have CR, LF and . removed when PRPC is preparing the HTTP redirect (303) response.
SR-A12347 · Issue 212822
Added check for BIX extract that will exceed filesize name limit
Resolved in Pega Version 7.2
Running a BIX extract with the -i option failed with the error "Error while creating the csv file: The file name entered exceeds the maximum size allowed (255 characters)". This happened in environments where the codehit the OS limit on the filepath name. This can be avoided by ensuring the File Specification tab of the Extract Rule contains a directory path shorter than 255 characters and by taking care not to have another Extract Rule with the same name in a Branch or a higher ruleset version with file specification path longer than 255 characters. To assist this, a check has been added.
SR-A7275 · Issue 216805
Added non-ASCII character handling to MSOGenerateExcelFile activity
Resolved in Pega Version 7.2
When the name of the file to be downloaded contained Japanese characters, the resulting file name displayed spaces in place of the Japanese characters. This was due to the characters in the file name not being encoded using the same character set which would then be used by the browser to decode the file name. To resolve this, the name of the file to be downloaded is now set as part of the Content-Disposition response header and will support non-ASCII characters
SR-133693 · Issue 206383
Agent SystemCleaner default time changed
Resolved in Pega Version 7.2
Timezone conversion issues were causing sporadic issues with Agent SystemCleaner terminating prematurely in J2EE environments. By default, the agent will now run at 12:05am rather than precisely at midnight.
SR-A2960 · Issue 218751
Asynch loaded data pages correctly pulled into main thread
Resolved in Pega Version 7.2
After using Load-DataPage, using Connect-Wait to synchronize with child requestor caused the data page to be loaded again when it was referenced instead of the system bringing the asynchronously-loaded data page forward. This was caused by differing value handling during the cache key building for ADP load, and has been corrected.
SR-A5881 · Issue 217291
Blocked rule passivation error resolved
Resolved in Pega Version 7.2
An exception was being thrown for a blocked Data page when the system idled until the passivation time out occurred. This was an issue with the passivation attempting to read the blocked rule to set the context of PassivatorThread. To fix this, the system will use Thread-To-Be-Passivated for the context instead.
SR-A6900 · Issue 218481
Changed name check for page-ref skips
Resolved in Pega Version 7.2
When a work object which uses property-ref method was submitted, corruption was seen in the reference information if the name of the referring page and/or referring scalar property it contained was a substring of the name of a reference property that was intended to be skipped. For example, if a reference page list property called "TopPage. TestPageList" was to be skipped for encoding and there was a referring page property by the name of "TestPage", then encoding of "TestPage" was also skipped. To avoid this problem, the system now checks for the complete name of property "." instead of doing partial match with "contains". The page will not be saved if there is a reference property with the same name or something extra. For example: page "PRPCpage" will not be saved if there is a reference property "XXXPRPCpageXXX".