SR-B42009 · Issue 304044
Authentication timeout smoothed for re-login
Resolved in Pega Version 7.3
If custom authentication was used with a stream specified to enter credentials upon authentication timeout, re-login failed after the timeout. This was traced to two issues: first, the custom configuration defaulted to using the out-of-the-box stream "Web-TimeOut", which expects the password to be in base64 encoded format and so attempts to base64 decode it. This caused an authentication failure. Second, when restarting with authentication instead of a timed-out request, the starting activity of operator was being executed and the portal was rendered unexpectedly. To resolve this, the object references needed for the successful resumption will be cloned when there is authentication timeout and used for redirection upon successful authentication.
SR-B43182 · Issue 301518
pzSUS Param properly URLEncoded
Resolved in Pega Version 7.3
The Tomcat 8+ server was rejecting DWA URLs due to characters such as {,} that it considered to be unsafe. These characters were introduced by pzSus key in the URL, and these values will now be encoded for the browser to resolve these issues.
SR-B44199 · Issue 300058
Fixed Access Control Policy in Assign- classes
Resolved in Pega Version 7.3
An error was generated when attempting to create an Access Control Policy in Assign- classes. This was due to a missing use-case, and has been corrected.
SR-B44199 · Issue 299984
Fixed Access Control Policy in Assign- classes
Resolved in Pega Version 7.3
An error was generated when attempting to create an Access Control Policy in Assign- classes. This was due to a missing use-case, and has been corrected.
SR-B44199 · Issue 297134
Fixed Access Control Policy in Assign- classes
Resolved in Pega Version 7.3
An error was generated when attempting to create an Access Control Policy in Assign- classes. This was due to a missing use-case, and has been corrected.
SR-B6669 · Issue 279329
XSS filters added to UI rulesets
Resolved in Pega Version 7.3
XSS filters have been added to pyCaseActionArea and pyAssignmentsLabel in Pega-EndUserUI and UIKit rulesets.
INC-127591 · Issue 564820
isAuthenticated checks trimmed for Performance Improvement
Resolved in Pega Version 8.4.2
In order to improve performance, a duplicate check of pxIsRepositoryAuthenticated has been removed from the Function Rule.
INC-127859 · Issue 564621
Email image retrieval switched to Lazy Load
Resolved in Pega Version 8.4.2
In email, multiple images being loaded at once resulted in a performance impact. To resolve this, the fetching of inline images has been modified to use Lazy Load optimization which will retrieve file content from S3 storage on a need basis.
INC-127891 · Issue 564728
Added check for redirects when getting images from S3
Resolved in Pega Version 8.4.2
When retrieving images from S3 storage, a 303 redirect status response code was shown. Investigation showed that using a public URL caused the redirects, and this has been resolved by adding an AG hash while fetching images via an activity.
INC-128164 · Issue 567430
Resolved CommitError when trying to send email
Resolved in Pega Version 8.4.2
An error related to email was intermittently encountered while working on a case. This was traced to a local setting for Rule-ObJ class that set a read-only privilege, which appeared to have conflicted with the expected permissions around email template saving. This was an unexpected use case, and has been resolved.