SR-B16337 · Issue 287224
BIX TotalInserts and TotalInstance counts made consistent for nested pages
Resolved in Pega Version 7.3
The pxTotalInsertsCount and pxTotalInstanceCount values were being calculated incorrectly when using PageLists and a Page under those PageLists. This was a missed case, and the system has been updated to address it.
SR-B17037 · Issue 289405
Handling added for SP initiated logins
Resolved in Pega Version 7.3
Attempting a Service Provider (SP) initiated login request caused the error "The Response did not contain any Authentication Statement that matched the Subject Confirmation criteria" to appear. This was due to the code used to identify whether the flow is IDP initiated or SP initiated SSO not having the handling for encrypted assertions. The system has now been updated to look for the relay state in the DB: if an entry is present then the SSO flow will be SP initiated, otherwise it will be IDP initiated.
SR-B17270 · Issue 288020
XSS filtering added to Autocomplete highlighting
Resolved in Pega Version 7.3
XSS filtering has been added to Autocomplete highlighting for better security.
SR-B2093 · Issue 277296
Corrected page passivation for parameterized data pages
Resolved in Pega Version 7.3
A null-pointer exception error was generated when performing findPage() on a parameterized Data page after the page/thread was passivated and restored. This was traced to a situation where a page with meta data was not correctly saved while passivating due to a failed condition check on last update time, and has been resolved with changes to the EditDataPageHandler to update the access time whenever page is loaded from findDataPage() method.
SR-B26257 · Issue 288790
Fixed SMA broken item requeue
Resolved in Pega Version 7.3
When attempting to requeue a broken item using the SMA, the requeue failed with an error about Attribute Based Access Control. This was traced to the API passing a thread object that did not have any executable associated with it; the system will now create a new executable instance if the getThread().retrieveContext() is null.
SR-B269 · Issue 284289
Multinode SOAP made more robust for rule resolution
Resolved in Pega Version 7.3
After updating an application rule on a multinode environment, SOAP service stopped working and generated the error "Failed to open Rule-Parse-XML record". In this case, the application index was written to the DB after updating in-memory variables, leading rule resolution to search in the DB with the wrong application hash. To avoid this, the system will now write the DB index first then update in-memory variables.
SR-B2709 · Issue 276670
Fixed OOM exception during DL import on JVM
Resolved in Pega Version 7.3
An OOM exception was generated during DL import on JVM when the DL being deployed had an very large number of hotfixes relating to CarDirectories. This was traced to each directory deployment creating a new instance of JarLoaderTool to internally build the cache (VersionedJdbcJarReader) which was then never cleared from the Mbean cache. This has been corrected by adding a check to release memory.
SR-B30305 · Issue 288126
Fixed double encoding from Authorize URL scope
Resolved in Pega Version 7.3
If a scope had multiple values in Authentication Profile, then Pega Platform inserted '+' between them in run-time. This was due to the scope parameter value being double-encoded for the Authorize URL, and has been fixed.
SR-B30485 · Issue 287734
Tenant ID check added to Ruleset Wizard for MT
Resolved in Pega Version 7.3
Attempting to deleting a ruleset in a multi-tenant environment using the Ruleset Wizard resulted in the error message 'Getting records from the database' and the application would hang. This was due to a missing tenant ID in the SQL statement, and a check has been added to the query generation to ensure the prepared values for "pzTenantID" are included.
SR-B30747 · Issue 297009
XSS filtering added to report browser CategoryDescription
Resolved in Pega Version 7.3
The list of categories on the right in the report browser allowed some HTML tags to be applied when added to the label. XSS filters have been applied to the CategoryDescription labels to improve security.