SR-D83053 · Issue 544267
SameSite cookie setting added for Mashup support in Google Chrome v80+
Resolved in Pega Version 8.3.2
The Google Chrome browser version 80 and above now treats SameSite with a blank value as "Lax" by default, causing mashup scenarios to break. In order to compensate for this change, support has been added for setting SameSite=None in Cookie Settings in the CSRF LP (DevStudio-> System-> Setting-> CrossSiteRequestForgery) which will enforce HTTPS for the Pega server and mashup. Note: The SameSite cookie may be set to None/Lax/Strict, based on the requirement. For mashups to work, SameSite should be set as None. To follow proper security standards, it should be set as Strict.
INC-182986 · Issue 668828
Property Rule Form refreshes after discarding changes
Resolved in Pega Version 8.6.2
After updating from Pega 8.2 to Pega 8.6 and migrating the properties, modifying any property rule and then discarding the change did not refresh the Property Rule Form. Investigation showed that the LOG-SYSTEM-PROPERTYOPTIMIZATION instance created during property optimization was not getting deleted when a property was deleted. As this was not getting deleted, the property was shown as optimized when adding the property back, causing confusion. This has been resolved by cleaning up the LOG-SYSTEM-PROPERTYOPTIMIZATION instance when the property is deleted and there is an optimization entry.