SR-113624 · Issue 167070
Enabling out-of-the-box Security Policies now redirects immediately
Resolved in Pega Version 7.1.7
When enabling out-of-the-box Security Policies, it was not immediately redirecting to the change password screen but instead requiring the timeout interval to expire before redirect happened. This has been corrected.
SR-118880 · Issue 172588
Change Password redirect loop fixed
Resolved in Pega Version 7.1.7
When URLEncryption is enabled along with Security Policies, redirection to the Change Password screen caused the browser to loop into an endless redirect (HTTP 302 loop). This was caused by Incorrect (un-obfuscated) data being used internally when obfuscation was enabled, and has been fixed.
SR-131072 · Issue 203709
Requestor token creation added for PRExternal authentication
Resolved in Pega Version 7.1.9
When using a PRExternal authentication scheme, the csrfsession requestor token was not created. This caused a heavy volume of INFO logging messages in production due to the null token. This authentication path has now been added and the token will be correctly created for use.
SR-131691 · Issue 202207
Improved performance for incorrect password handling
Resolved in Pega Version 7.1.9
When the operator entered the wrong password in the login screen, numerous "Stream Overwritten" alerts appeared the Alert log. There was no workflow problem involved, but the logging indicated that there was an additional unnecessary call being made to Stream Web-Login, and that unneeded call has been removed to improve system performance and remove the error being logged.
SR-A4056 · Issue 211550
Corrected validation error for Extract rule field length
Resolved in Pega Version 7.1.9
A validation error noting that the field length of the table was limited to 30 characters was occurring when trying to check in an Extract rule even if the field value had been shortened. While checking in the extract rule, a block of code in the Rule-Utility-Function validateTreeProperties was recomputing the pagelist's table name instead of using the one provided by the user. The Rule-Utility-Function validateTreeProperties function has been modified to fix the issue.
INC-127591 · Issue 564820
isAuthenticated checks trimmed for Performance Improvement
Resolved in Pega Version 8.4.2
In order to improve performance, a duplicate check of pxIsRepositoryAuthenticated has been removed from the Function Rule.
INC-127859 · Issue 564621
Email image retrieval switched to Lazy Load
Resolved in Pega Version 8.4.2
In email, multiple images being loaded at once resulted in a performance impact. To resolve this, the fetching of inline images has been modified to use Lazy Load optimization which will retrieve file content from S3 storage on a need basis.
INC-127891 · Issue 564728
Added check for redirects when getting images from S3
Resolved in Pega Version 8.4.2
When retrieving images from S3 storage, a 303 redirect status response code was shown. Investigation showed that using a public URL caused the redirects, and this has been resolved by adding an AG hash while fetching images via an activity.
INC-128164 · Issue 567430
Resolved CommitError when trying to send email
Resolved in Pega Version 8.4.2
An error related to email was intermittently encountered while working on a case. This was traced to a local setting for Rule-ObJ class that set a read-only privilege, which appeared to have conflicted with the expected permissions around email template saving. This was an unexpected use case, and has been resolved.
SR-D87188 · Issue 551351
Mentioned user in Pulse correctly converted to hyperlink
Resolved in Pega Version 8.4.2
In the Interaction portal, mentioning a user in Pulse using @ was not converting the name to the user name with hyperlink for Email Interactions. @ mentions were working as as expected in Phone Interactions. This problem was introduced as part of using OWASP to sanitize HTML user input in Rich Text support, and was due to OWASP converting @ to an HTML entity. To resolve this, the @ will be excepted from HTML conversion.