INC-199790 · Issue 700646
GetAllEmailWork temp page renamed to avoid conflict
Resolved in Pega Version 8.6.4
The default Email manager portal was not displaying new email triage cases. Investigation showed that because the GetAllEmailWork and CaseBreadCrumbPopulate activities were using a common name for the clipboard page "TempPage", when CaseBreadCrumbPopulate removed the TempPage clipboard page as one of its steps a null pointer exception occurred for GetAllEmailWork. To resolve this, an update has been made to rename "TempPage" to "TempPageET" for GetAllEmailWork so the names will not conflict.
INC-211417 · Issue 711611
Updated URL construction for inline images for better performance
Resolved in Pega Version 8.6.4
System slowness was seen, and inline images were not getting displayed when the case was opened. This has been resolved by modifying pyExtractHtmlFromAttachment to ensure the image source URL is built in a consistent way whether or not there is a cache to call from.
INC-212549 · Issue 706074
HTML attachments conditionally shown in email listener cases
Resolved in Pega Version 8.6.4
When Rich text/html (non-plain text) emails were ingested in email, the original mail was not getting added to the case. Investigation showed that the pzCreateTriageWork activity had an explicit delete step to remove any attachment that started with 'email-content'. Since the HTML attachment name starts with 'email-content', it was deleted in above activity. This has been resolved by adding an update to conditionally show email-content.html.
INC-214294 · Issue 710826
PopulateEmailClientWorkFilter correctly resolves field value
Resolved in Pega Version 8.6.4
The first item in the Email manager queue selection dropdown was 'DefaultWorklist', instead of 'Default worklist' or other formatted text. Investigation showed the New Page was not created for the temp results in pzPopulateEmailClientWorkFilter Activity, preventing it from resolving the customized/available field values, and this has been resolved.
INC-214367 · Issue 708410
Handling added for infinite loop in GetEmailConversations
Resolved in Pega Version 8.6.4
An infinite loop issue where a clipboard page was repeatedly added to a page list in pxGetEmailConversations was causing an out of memory condition that resulted in unavailable nodes. This has been resolved by adding boundary conditions to avoid a loop, and a fail-safe mechanism to exit an infinite loop if one does occur.
INC-214836 · Issue 709759
Handling added for infinite loop in GetEmailConversations
Resolved in Pega Version 8.6.4
An infinite loop issue where a clipboard page was repeatedly added to a page list in pxGetEmailConversations was causing an out of memory condition that resulted in unavailable nodes. This has been resolved by adding boundary conditions to avoid a loop, and a fail-safe mechanism to exit an infinite loop if one does occur.
INC-164432 · Issue 696294
Global obfuscation key initialized on first requestor call
Resolved in Pega Version 8.6.4
When using URLEncryption = true and SubmitObfuscatedURL = optional, attempting to export an Excel spreadsheet resulted in the error "Invalid character found in the request target". This was traced to the variable pega.d.globalobfuscateKey having a null value which was then converted to a byte array and decoded, generating improper characters in the URL. After a browser refresh, the correct value was set in pega.d.globalobfuscateKey and the export worked as expected. To resolve this, an update has been made to initialize the key on the very first call in PRRequestorImpl when the global obfuscation key is determined to be NULL instead of initializing the global obfuscation key by on-demand basis from HTTPAPI.
INC-182827 · Issue 691528
URL security updated
Resolved in Pega Version 8.6.4
Security has been updated for URL tampering defense and Rule Security Mode.
INC-209298 · Issue 704141
Added security tokens to Worklist assignment error wizard
Resolved in Pega Version 8.6.4
After enabling CSRF, moving to 'Configure -> Case Management -> Tools -> Work Admin -> Worklist assignment errors' and then selecting a record and clicking on 'Delete' resulted in a '403 Forbidden' error. This has been resolved by adding CSRF and fingerprint tokens as part of the form data.
INC-211426 · Issue 706061
UI and code changes to support Client Assertion in Open ID Connect
Resolved in Pega Version 8.6.4
In order to support private_key_jwt, an enhancement has been added which will pass the “Client ID” and “Client assertion” (in the form of a signed JWT) as part of the authorization code grant flow for an IDP-initiated SSO. The Authorization Server will then authenticate Pega (the client) to verify the signature and payload of assertion by retrieving the public key via Pega’s JWKS endpoint.