SR-D77268 · Issue 542339
Updated URL opening for iOS 12 & 13
Resolved in Pega Version 8.4.1
Attempting to open a URL did not work on iPad/iPhone with iOS 12 and 13 and PIMC version 8.3.500. This has been resolved by updating previewPIMCAttachmentOnline function to handle URL opening by using the application.openurl function.
SR-D81859 · Issue 543766
Maps and signatures inside layout groups scroll correctly
Resolved in Pega Version 8.4.1
A map configured in the screen was getting grayed out while scrolling horizontally. Analysis showed that when an address map is inside a layout group, the layout group swipe was triggered instead of scrolling. To resolve this, the target parent now has the data attribute "data-nogestures" = true so the layout group swipe will not be triggered. This will also prevent swipe on signature while scrolling horizontally.
SR-D85551 · Issue 548077
Resolved touch events issue with updated Google Chrome
Resolved in Pega Version 8.4.1
After upgrading Google Chrome, touch events on a flow action under the Action Button in a case or on the application under "Launch web interface" were not reacting and the flow actions were not accessed. Investigation showed that Google Chrome's latest upgrade (79.0.3945.130) removed the ontouchstart property in the window, causing the isTouchable capability identification method to fail. This has been resolved by adding a check for navigator.maxTouchPoints to identify for Google Chrome whether the device involved has a touchscreen.
SR-D85780 · Issue 547815
Corrected iosVersion handling for getDirections
Resolved in Pega Version 8.4.1
When opening the map function in the iPhone app, it first navigated to Google maps but clicking on 'get directions' opened Apple maps. This was traced to pzpega_control_actions_getDirections. When using the getMapURL function the value being assigned for iosVersion dictates the behavior: If the iosVersion is greater than 8 it opens Google maps, else Apple maps. However, an error caused the value to be sent as string instead of integer, causing the iosVersion check to fail. This has been corrected.
SR-D46133 · Issue 534651
Colon in folder or file name will be replaced with underscore during unzip
Resolved in Pega Version 8.4.1
After creating a product file (zip), attempting to import the same file into an updated system resulted in an exception. Investigation showed that in this case the zip file was a Product rule form which had applications packaged with a colon(:) in the name of the application, a format that was allowed in 6.x versions. Because Windows machines restrict creating creating any folder or file with : in its name, the zip file could not be inflated as part of the import process. To resolve this, the system has been updated so that a colon(:) will be replaced by underscore(_) during inflate operations.
SR-D52604 · Issue 548062
Stream Registration deprecated and replaced
Resolved in Pega Version 8.4.1
Previously, Stream Registration, which was added as an extra layer of protection during the display of stream rules, automatically registered any streams being used in the context and checked this registry during reloadSection/reloadHarness calls to prevent Broken Access Control attacks. However, only an alert was thrown and no further action was being taken on it. With platform added support for URL Tampering, Stream Registration is no longer required and has been deprecated. The URL Tampering function has the capabilities to register for auto/non-auto rules and configure whether to display warning or reject the request for all the activities, and not just the stream rules. Note that URL Tampering will do registration/validation only when security/rejectTamperedRequests is explicitly set to true.
SR-D64523 · Issue 545672
Stream Registration deprecated and replaced
Resolved in Pega Version 8.4.1
Previously, Stream Registration, which was added as an extra layer of protection during the display of stream rules, automatically registered any streams being used in the context and checked this registry during reloadSection/reloadHarness calls to prevent Broken Access Control attacks. However, only an alert was thrown and no further action was being taken on it. With platform added support for URL Tampering, Stream Registration is no longer required and has been deprecated. The URL Tampering function has the capabilities to register for auto/non-auto rules and configure whether to display warning or reject the request for all the activities, and not just the stream rules. Note that URL Tampering will do registration/validation only when security/rejectTamperedRequests is explicitly set to true.
SR-D66521 · Issue 536140
Logout Redirect updated to handle special characters in IDP parameters
Resolved in Pega Version 8.4.1
When using "HTTP Redirect" in Authentication Service, the Logout Redirect service was failing due to the query parameter name containing "_" (underscore). This was traced to IDP sending parameters to assertion consumer service or logout request endpoint with names which contained any special characters, as the system was trying to put those key values on the parameter page for additional processing. To resolve this, the system has been updated to suppress exceptions when the parameters from IDP includes special characters.
SR-D70872 · Issue 545858
Kerberos authentication parameters propagated for deployment
Resolved in Pega Version 8.4.1
Attempting to perform a deployment using Kerberos authentication to an Oracle database failed with an authentication error. This was traced to the java system properties (for example, -Dname=value) required by the Oracle JDBC driver for Kerberos authentication intermittently not being set when connections were being made to the database. When they were not being set, the connection would fail due to authentication. This has been resolved by ensuring the java system properties (-D's) that were provided to the 'custom.jvm.properties' property in the collection of deployment related *.properties files are being propagated to every part of the deployment scripts.
SR-D72636 · Issue 536090
Added handling for Authorization Server login loop
Resolved in Pega Version 8.4.1
When the Authorization server returned an error, it was redirecting back with error, error_description, and parameters. The system then tried to start the login process again, the same error parameters were returned again, and it continued to loop this way. To resolve this issue, handling has been added for this error scenario from the Authorization Server.