Skip to main content

Resolved Issues

View the resolved issues for a specific Platform release.

Go to download resolved issues by patch release.

Browse release notes for a selected Pega Version.

NOTE: Enter just the Case ID number (SR or INC) in order to find the associated Support Request.

Please note: beginning with the Pega Platform 8.7.4 Patch, the Resolved Issues have moved to the Support Center.

SR-D55508 · Issue 521862

CSRF and Fingerprint token handling added to custom URL generation

Resolved in Pega Version 8.4

An error screen appeared with the message "Server response error, no update data returned" while doing a check out and check in of the offer rule. This was traced to CSRF token validation: in this scenario, a custom URL was being framed and the corresponding request did not have a valid CSRF/ Fingerprint token, which can occur when there are custom AJAX/Non-ajax URLs constructed manually in the non-autogenerated/HTML streams. To address this, handling has been added for CSRF and fingerprint tokens as part of the custom URL generation.

SR-D56409 · Issue 520743

URL Encryption and Obfuscation made compatible with site-minder

Resolved in Pega Version 8.4

Attempting to install a DL using Hfix Manager worked when not going through SSO but failed when using SSO. Investigation showed that this was due to the use of URLEncryption: URLEncryption uses a Pega-supplied base64 to encode the cipher text with MIME type encoding by default, which adds newline character after every 72 characters. This is not compatible with site-minder. which has policies to restrict newline characters in the URL. As a result, none of the encrypted requests were being processed. To resolve this, post-processing logic has been added to remove newline characters from encoded text. This change has also been applied top URLObfuscation.

SR-D62949 · Issue 527502

XSS protection added

Resolved in Pega Version 8.4

The CrossScriptingFilter API has been applied to address a potential XSS issue related to stream rule parameters used in the request header.

SR-D63232 · Issue 524295

Support added for Authentication service rule attributes in embedded pages

Resolved in Pega Version 8.4

SSO login was not working, giving the error "Unable to process the SAML WebSSO request : No value specified for Attribute in SAML assertion". Investigation showed the Authentication service rule could only map attributes that are on the top level page and did not consider embedded page values. To resolve this, tools.getProperty will be used to fetch the property reference value instead of find Page and getString.

SR-D63727 · Issue 531726

Authorization header base 64 format error recategorized as debug logging

Resolved in Pega Version 8.4

Numerous messages were generated indicating that the Authorization Header format was invalid when using the format " : " (Base64 Og==) . As this is the default behavior for a particular class of proxy servers, the error statement has been updated to be logged as a debug statement and will be visible only when that logging is enabled.

SR-D71378 · Issue 533282

Authorization header base 64 format error recategorized as debug logging

Resolved in Pega Version 8.4

Numerous messages were generated indicating that the Authorization Header format was invalid when using the format " : " (Base64 Og==) . As this is the default behavior for a particular class of proxy servers, the error statement has been updated to be logged as a debug statement and will be visible only when that logging is enabled.

INC-145293 · Issue 610935

Additional diagnostic logging added for ElasticSearch startup issues

Resolved in Pega Version 8.5.6

The PyIndexerState was stuck in Starting status during node initialization. This issue could occur if the filesystem became hung due to network level issue while scanning entries from /etc/mtab, resulting in a lock which was not released correctly. In order to better determine which node entry in a cluster may be responsible for the hang, an update has been made which will use a temporary virtual environment to repeat the part of the initialization phase responsible and generate additional logs for debugging. To activate this, the PegaSearch.Diagnostics logger must be set in DEBUG mode. This duplicated virtual initialization will not interrupt the normal initialization.

INC-163791 · Issue 666195

Simplified default reference time calculations

Resolved in Pega Version 8.5.6

After a job scheduler was configured to run at Start time = 21:00:00 for Time zone = Europe/London, the scheduler determined 20:00:00 as the next start time. This was due to the calculation for the next start time using the time zone offset calculation pattern for the date and time stored in System-Runtime-Context.pxCreateDateTime, which had difficulty with changes to the time zone definition implemented in the time between the given date and today (meaning the current time) such as daylight savings time. To resolve this, the default reference time from System Runtime Context will be 'now' instead of Date(0).

INC-168253 · Issue 660882

Documentation updated for using Connect MQ with clustered queues

Resolved in Pega Version 8.5.6

After update to Pega Platform v8.6, an issue was seen with Connect MQ rules that used an alias queue. The support documentation has been revised to outline the necessary steps for updating an application to perform as expected. In the Pega-IntegrationEngine ruleset, create the following dynamic system settings and their default values: "mq/pmo" = 0 "mq/gmo" = 0 "mq/oo_request" = 1040 "mq/oo_response" = 16 For more information, dynamic system setting support articles are available.

INC-174625 · Issue 655241

Admin Studio will consider cluster protocol when returning listener status

Resolved in Pega Version 8.5.6

When using a few nodes in standalone mode for BIX extract combined with server nodes using Hazelcast, opening the admin studio pages with service discovery caused an error to be thrown. This was traced to the system writing an entry to pr_sys_statusnodes table as an embedded node whenever a BIX extract was triggered, causing those standalone nodes to be incorrectly considered by the listener landing page. This has been resolved by configuring the system to either return the local member when the cluster protocol is standalone or to return all Hazelcast members if the cluster protocol is Hazelcast.

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us