INC-144591 · Issue 601614
Oauth and beanutils jars upgraded
Resolved in Pega Version 8.3.5
The third party Oauth2 jars and commons-beanutils jar have been updated to the latest versions.
INC-134808 · Issue 590713
Property check handling updated for Ajax requestor
Resolved in Pega Version 8.3.5
SECU0001 alerts were seen when submitting a case in the interaction portal. Logging indicated the errors were related to the 'pxRequestor.pyLatitude' and 'pxRequestor.pyLongitude' properties which are included in an Ajax request when they exist in the DOM and the 'pyGeolocationTrackingIsEnabled' when rule is true. The error was traced to a condition where a new thread request results in an unexpected property check that encounters a clipboard which doesn't have any pages created for that thread. To resolve this, the 'pxRequestor.pyLatitude' and 'pxRequestor.pyLongitude' properties have been added to an allow list to handle the unexpected properties check.
INC-140101 · Issue 597636
System will attempt to decrypt data ending in "+"
Resolved in Pega Version 8.3.5
Encrypting and decrypting one specific email address was not working properly when showing on the UI. It was possible to force a decryption using decryptproperty, but Pega generated an error. This was due to the actual encrypted value ending with '+', which conflicted with a system check that skips decryption if the encrypted property value ends with + . To resolve this, the system will attempt to decrypt the property even when encryptedText ends with + .
INC-137874 · Issue 599130
Cross-site scripting update for Dev Studio
Resolved in Pega Version 8.3.5
Cross Site Scripting (Cross-site scripting) protections have been added to Developer Studio.
INC-139705 · Issue 595169
Documentation update for Security Settings for DX API
Resolved in Pega Version 8.3.5
Information on the pyDXAPIEncodeValues application setting has been added to the Security Settings for DX API article under the Application settings sub-section. The Pega Platform version that supports the pyDXAPIEncodeValues application setting is mentioned in the Supported UI capabilities article.
SR-D39956 · Issue 511637
Corrected method IF use with shortcut function
Resolved in Pega Version 8.2.5
After upgrade, method IF was not working as expected when used in an expression like "@if(.totalorders_120days>0,(.remakeorders_120days/.totalorders_120days)<0.3,false)". This was caused by a missed use case for the combination of an exception-generating function in combination with a shortcut function (i.e. ternary, and, or), and has been resolved.
SR-D41207 · Issue 512087
Fallover stategy added to chat routing to keep event processor running
Resolved in Pega Version 8.2.5
Chats were becoming stuck in the queue and end users were not able to connect with the customer service representative. An excessive number of queued items were observed in a Queue Processor named "EventProcessor". This was traced to the setting "Browse from the offset" having been removed because of a retention policy. This resulted in "Browse from the end of the stream" being used instead even though browse should start from the earliest known offset. To resolve this, Stream Producer will be cached based on topic, and Stream consumer will fall over to an earliest strategy in case the requested offset isn't found so the event queue will be handled in a timely manner.
SR-D42662 · Issue 516870
Support added for auto restart of system paused nodes
Resolved in Pega Version 8.2.5
After the system paused a run, nodes had to be manually restarted by hand. Investigation showed that a node had fallen from the Hazelcast cluster due to an instability and that there was no support for an auto-restart under this condition. This has been resolved by adding a pulse task to resume runs stuck in system pause.
SR-D43912 · Issue 509737
Fallover stategy added to chat routing to keep event processor running
Resolved in Pega Version 8.2.5
Chats were becoming stuck in the queue and end users were not able to connect with the customer service representative. An excessive number of queued items were observed in a Queue Processor named "EventProcessor". This was traced to the setting "Browse from the offset" having been removed because of a retention policy. This resulted in "Browse from the end of the stream" being used instead even though browse should start from the earliest known offset. To resolve this, Stream Producer will be cached based on topic, and Stream consumer will fall over to an earliest strategy in case the requested offset isn't found so the event queue will be handled in a timely manner.
SR-D47618 · Issue 512602
Statistic rounding error in ADMSnapshot Agent with Oracle corrected
Resolved in Pega Version 8.2.5
While running the ADMSnapshot Agent, the exception "internal.mgmt.Executable) ERROR com.pega.decision.adm.client.ADMException: Failed to complete ADM Data Mart snapshot" was seen. This was traced to an issue with the rounding of performance statistics when using Oracle, and has been resolved.