INC-133173 · Issue 573443
Landing page refresh modified to avoid frequent reloads
Resolved in Pega Version 8.4.2
Approximately every two weeks, clients were able to login but it was not possible to work as the landing page refreshed constantly until all of the nodes were rebooted and the issue was cleared. Investigation indicated the frequent reloads were related to the cacheing of the operator details, and this has been resolved by updating the datapage reload strategy based on 'when' so frequent reloads will be avoided.
SR-D95626 · Issue 563585
Added handling for download of attachment with special characters
Resolved in Pega Version 8.4.2
If the name of an uploaded attachment contained a non-ascii character, the upload was successful but the downloaded file had the wrong name without any suffix. This was an issue on WAS or JBoss servers where filenames contained non-ascii characters, and the filename parameter in the content disposition header also contained these characters. To resolve this, the filename parameter in the content disposition header will be encoded as well along with the filename* parameter to handle non-ascii characters in the filename.
SR-D90687 · Issue 560431
IOException handling improved to resolve broken pipe errors
Resolved in Pega Version 8.4.2
Frequent "connection reset by peers" exceptions were being generated and broken-pipe exceptions were seen in the logs. Investigation traced the issue to unhanded IOExceptions on the server side that were a result of the client application not always closing the TCP connection gracefully. To resolve this, error handling for IOExceptions has been improved.
SR-D67408 · Issue 554900
Directory traversal blocked in zip import
Resolved in Pega Version 8.4.2
One of the files contained in a zip archive was not deleted from the system after zip import. This was due to the file being created by a third-party archive that included of a directory traversal character that caused it to be inflated outside of the temp directory. To resolve this, a check has been added to that a file with directory traversal characters in its name will not be inflated.
SR-D81572 · Issue 551028
JDBC URL handling added for Oracle over TCPS
Resolved in Pega Version 8.4.2
While attempting to upgrade an environment over TCPS, the generateDDL.sh script was failing. The same environment ran without issue on Tomcat with the same URL. Investigation showed the JDBC url was not correctly generated while running the upgrade: in a standard scenario, there will be no spaces in the JDBC URL specified. However, because Oracle can send spaces as part of JDBC URL and cause this issue, an update has been made which will quote the JDBC URL argument for the ant target in setupDDL.xml.
SR-D84364 · Issue 551403
Check for circular references added to SearchInventoryImpl to prevent recursive call
Resolved in Pega Version 8.4.2
An out of memory error was traced to SearchInventoryImpl infinitely recursing over a clipboard property, where the child property referenced a parent property and resulted in an endless loop. This has been resolved with the addition of a depth check to ensure that the search does not recurse infinitely.
SR-D85100 · Issue 556262
ProductInfoReader updated to fetch only most recent version information
Resolved in Pega Version 8.4.2
After upgrade, running Hfix scanner on Pega Marketing 8.2 displayed missed critical Hfixes for Pega Marketing 8.1. This has been resolved by modifying ProductInfoReader.runQuery to fetch only latest version of DAPF instances during a scan.
SR-D98404 · Issue 558207
Handling added for hotfix Rule-Application instances
Resolved in Pega Version 8.4.2
A null pointer error during DL file expansion performed as part of the second phase of a hotfix installation caused the hotfix install to fail. The null-pointer exception was thrown because the code, primarily used for export, performed a database lookup of a Rule-Application and assumed the response would be non-null without checking the result. During export the Rule-Application would normally exist because the system would have interacted with it already during the export by identifying it and writing it to the archive. During phased hotfix installation, rules are staged to the database in a different table during the first phase and reconstituted during the second phase. The scenario for this error was a missed corner case specific to the unusual combination of including Rule-Application instances in a platform hotfix. To resolve this and prevent further issues, handling has been added for this use case.
INC-163292 · Issue 635837
Portlet service deprecated
Resolved in Pega Version 8.4.6
Portlet authentication services have been removed from the standard installation package.
INC-156674 · Issue 660956
Handling added for reactivating combined Passivation and AccessGroup timeout
Resolved in Pega Version 8.4.6
Refreshing a passivated browser window in Dev Studio for an operator with a combined access group and passivation timeout was resulting in a blank screen after re-authenticating. InvalidParameterException and InvalidReferenceException messages were logged. Research showed this was caused by a missing pxPortal property on the pxThread page along with missing Application and Accessgroup pages. While refreshing the browser along with the top URL, there will be few requests with tab threads calling activities such as deletedocumentpg and SetProcessWindowName because there was an unload. Because these requests reached the server before re-authentication, the threads proceeded to the activation flow, causing properties such as pxPortal, Application, and Accessgroup pages to be removed from the thread page and requestor page according to the condition that the requestor was not yet authenticated. To resolve this, the logic in session.internal.authorization.context.BasicApplicationContextImmutableImpl#applyApplicationProperties has been updated to skip removing application page properties from the thread page in this combined Passivation and AccessGroup timeout scenario.