Skip to main content

Resolved Issues

View the resolved issues for a specific Platform release.

Download resolved issues

Go to download resolved issues by patch release.

See Platform Release Notes

Browse release notes for a selected Pega Version.

NOTE: Enter just the Case ID number (SR or INC) in order to find the associated Support Request.

Please update your bookmarks. This site will be discontinued in Dec 2024.

Pega Platform Resolved Issues for 8.1 and newer are now available on the Support Center.

Platform Version

Capability

System Administration Mobile 8.5.1 8.3.5 8.3.3
(Clear filters)

SR-D70872 · Issue 545856

Kerberos authentication parameters propagated for deployment

Resolved in Pega Version 8.3.3

Attempting to perform a deployment using Kerberos authentication to an Oracle database failed with an authentication error. This was traced to the java system properties (for example, -Dname=value) required by the Oracle JDBC driver for Kerberos authentication intermittently not being set when connections were being made to the database. When they were not being set, the connection would fail due to authentication. This has been resolved by ensuring the java system properties (-D's) that were provided to the 'custom.jvm.properties' property in the collection of deployment related *.properties files are being propagated to every part of the deployment scripts.

SR-D92877 · Issue 551030

SameSite cookie setting added for Mashup support in Google Chrome v80+

Resolved in Pega Version 8.3.3

The Google Chrome browser version 80 and above now treats SameSite with a blank value as "Lax" by default, causing mashup scenarios to break. In order to compensate for this change, support has been added for setting SameSite=None in Cookie Settings; this value automatically includes the “secure” cookie flag, which enforces HTTPS for the Pega server and mashup. For mashups to work, SameSite should be set as None. Create a Dynamic system setting in the Pega-Engine RuleSet with the name “security/csrf/samesitecookieattributevalue” and the value "None" and restart the server. (The SameSite value "None" works only in secure HTTPS connections.)Note: The SameSite cookie may be set to None/Lax/Strict, based on the requirement. For cookie requirements other than mashup, it should be set as either Strict or Lax, depending upon your application.

SR-D89002 · Issue 549102

SameSite cookie setting updated for pre-authentication

Resolved in Pega Version 8.3.3

In work done in previous versions to modify the SameSite cookie handling to support Mashups in Google Chrome v80+, SameSite was set to None only in case of an authenticated Pega-RULES cookie and not for a Pre-authenticated cookie. That caused the Samesite value to not be set when using a pre-authenticated cookie, and the blank value was treated as 'Lax', causing a login challenge. To resolve this, Samesite will be set to 'None' when using pre-authenticated cookie, which will match the way it is being set in authenticated cookie.

SR-D64523 · Issue 545670

Stream Registration deprecated and replaced

Resolved in Pega Version 8.3.3

Previously, Stream Registration, which was added as an extra layer of protection during the display of stream rules, automatically registered any streams being used in the context and checked this registry during reloadSection/reloadHarness calls to prevent Broken Access Control attacks. However, only an alert was thrown and no further action was being taken on it. With platform added support for URL Tampering, Stream Registration is no longer required and has been deprecated. The URL Tampering function has the capabilities to register for auto/non-auto rules and configure whether to display warning or reject the request for all the activities, and not just the stream rules. Note that URL Tampering will do registration/validation only when security/rejectTamperedRequests is explicitly set to true.

SR-D52604 · Issue 548060

Stream Registration deprecated and replaced

Resolved in Pega Version 8.3.3

Previously, Stream Registration, which was added as an extra layer of protection during the display of stream rules, automatically registered any streams being used in the context and checked this registry during reloadSection/reloadHarness calls to prevent Broken Access Control attacks. However, only an alert was thrown and no further action was being taken on it. With platform added support for URL Tampering, Stream Registration is no longer required and has been deprecated. The URL Tampering function has the capabilities to register for auto/non-auto rules and configure whether to display warning or reject the request for all the activities, and not just the stream rules. Note that URL Tampering will do registration/validation only when security/rejectTamperedRequests is explicitly set to true.

INC-134618 · Issue 582776

Corrected logic for deep pagelists on mobile

Resolved in Pega Version 8.5.1

After completing a workorder in the mobile app, the synchronization failed intermittently with the error "fail: pyWorkPage - Validation failed: Errors Detected. Finish Assignment action failed as pyWorkPage has messages: Validation failed: Errors Detected. ... The page contains an undefined property: .pxUniqueElementID". This was traced to incorrect logic for handling deep pagelists, and has been resolved.

INC-131961 · Issue 571700

Mobile app correctly determines online status after sleep

Resolved in Pega Version 8.5.1

After not using the mobile device for some hours, the app was not recognizing that the device had become online again and continued to show the red 'offline' bar. Restoring network connectivity required logging off and relogging into the network. This was traced to a bug in Android webview which causes window.navigator.onLine to return as false after wakeup despite the connection being present. To resolve this, version 8.5.103 of PIMC (Pega Infinity Mobile Client) contains new native mechanisms which are exposed to the webview as plugins and that work completely independent of webview.

INC-130727 · Issue 573340

Resolved mobile app java.lang.OutOfMemoryError

Resolved in Pega Version 8.5.1

After working with the mobile app for a period, logging in failed and the app crashed with java.lang.OutOfMemoryError exceptions. This was traced to each sync adding a new version of allow-list datapages to the client store which were not cleared, and has been resolved.

INC-135159 · Issue 580675

Logic updated for deepMergeObj API

Resolved in Pega Version 8.5.1

Issues with the embedded page values being removed when navigating from a flow action and inconsistent localization of labels and captions in a mobile app were traced to the deepMergeObj API; the logic for the API has been revised to ensure the pxObjClass property is not removed from embedded pages during the doSave function.

INC-131991 · Issue 583041

Logic updated for deepMergeObj API

Resolved in Pega Version 8.5.1

Issues with the embedded page values being removed when navigating from a flow action and inconsistent localization of labels and captions in a mobile app were traced to the deepMergeObj API; the logic for the API has been revised to ensure the pxObjClass property is not removed from embedded pages during the doSave function.

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us