SR-D89002 · Issue 549104
SameSite cookie setting updated for pre-authentication
Resolved in Pega Version 8.4.1
In work done in previous versions to modify the SameSite cookie handling to support Mashups in Google Chrome v80+, SameSite was set to None only in case of an authenticated Pega-RULES cookie and not for a Pre-authenticated cookie. That caused the Samesite value to not be set when using a pre-authenticated cookie, and the blank value was treated as 'Lax', causing a login challenge. To resolve this, Samesite will be set to 'None' when using pre-authenticated cookie, which will match the way it is being set in authenticated cookie.
SR-D90485 · Issue 549270
SameSite cookie setting added for Mashup support in Google Chrome v80+
Resolved in Pega Version 8.4.1
The Google Chrome browser version 80 and above now treats SameSite with a blank value as "Lax" by default, causing mashup scenarios to break. In order to compensate for this change, support has been added for setting SameSite=None in Cookie Settings; this value automatically includes the “secure” cookie flag, which enforces HTTPS for the Pega server and mashup. For mashups to work, SameSite should be set as None. Create a Dynamic system setting in the Pega-Engine RuleSet with the name “security/csrf/samesitecookieattributevalue” and the value "None" and restart the server. (The SameSite value "None" works only in secure HTTPS connections.) Note: The SameSite cookie may be set to None/Lax/Strict, based on the requirement. For cookie requirements other than mashup, it should be set as either Strict or Lax, depending upon your application.
SR-D90524 · Issue 549048
SameSite cookie setting added for Mashup support in Google Chrome v80+
Resolved in Pega Version 8.4.1
The Google Chrome browser version 80 and above now treats SameSite with a blank value as "Lax" by default, causing mashup scenarios to break. In order to compensate for this change, support has been added for setting SameSite=None in Cookie Settings; this value automatically includes the “secure” cookie flag, which enforces HTTPS for the Pega server and mashup. For mashups to work, SameSite should be set as None. Create a Dynamic system setting in the Pega-Engine RuleSet with the name “security/csrf/samesitecookieattributevalue” and the value "None" and restart the server. (The SameSite value "None" works only in secure HTTPS connections.) Note: The SameSite cookie may be set to None/Lax/Strict, based on the requirement. For cookie requirements other than mashup, it should be set as either Strict or Lax, depending upon your application.
SR-D28538 · Issue 502059
Corrected requestor status flag for direct map
Resolved in Pega Version 8.1.7
Numerous "Unable to create requestor" alerts were logged. This was traced to an error in HttpAPI where after retrieving the requestor from the internal requestor map directly, the requestor creation status flag was not set properly. This caused last action to post that alert instead of the correct notice of "existing requestor retrieved". This has been resolved so the flag reflects the correct status.
SR-D51554 · Issue 514064
Local UUID cache will be updated when merge event is detected
Resolved in Pega Version 8.1.7
Cluster-related issues were seen in multiple production clusters. For some nodes in the cluster the Cluster Management screen showed all expected nodes with valid Node IDs displayed, and on other nodes the Cluster Management screen showed the node ID of itself, SERVER@localhost:5701. On an impacted node displaying the wrong ID, the Node Information landing page did not work and displayed the error "Unable to execute job on ." Multiple advanced agents running on nodes in the affected clusters, both with correct and incorrect IDs, also failed with a similar error "Unable to execute job on <node's job id>". This was traced to a merge performed after a split brain. To resolve this, the code has been updated to handle merge events: when the node UUID is changed as part of a split brain recovery, the local UUID cache will be updated when the merge event is detected.
SR-D20423 · Issue 503447
Improved upgrade handling for tables using classes with property references
Resolved in Pega Version 8.1.7
After upgrade, some page property values were blank and exposed database columns did not contain the values. Investigation showed that the reference properties did not have context and hence column population was not able to determine their value. To resolve this, instead of doing column population for all the columns, the system will identify classes that have property references and that are being optimized as part of upgrade process and maintain a list of specific columns to update.
SR-D29485 · Issue 503514
Enhancement added to modify URL encryption for load testing
Resolved in Pega Version 8.1.7
An enhancement has been added which allows conditionally modifying URL encryption for load testing. This uses the flag crypto/useportablecipherforurlencryption: if true, a portable hardcoded key is used to encrypt the URLs and if false, a dynamically generated key per thread/requestor is used to encrypt the URL.
SR-D52969 · Issue 514705
Column population honors thread count of 1
Resolved in Pega Version 8.1.7
The thread count parameter in the column population activity was not being honored, causing repeated deadlocks when trying to populate columns. Investigation showed that the ExposeCols process did not honor the thread count when it was 1 (the default is 4), and this has been fixed by adding the necessary code so that if the thread count is 1, it will not run in multhreaded mode.