SR-C14053 · Issue 355755
Handling added for saving page groups with blank indexes
Resolved in Pega Version 8.1
When saving a page group entry with a blank index, the page group entry was created in a corrupt state if "obj-save/writenow" was used instead of obj-save followed by a commit. To fix this, validation was added for empty property creation subscripts and empty subscripted references while parsing.
SR-C14255 · Issue 366610
Hint clarified for SELECT queries on Oracle
Resolved in Pega Version 8.1
Queries beginning with "SELECT /*+ leading(D R H A)" were running very slowly on Oracle. To clarify that the query uses Cartesian join for the first union, the hint now suggests that the format be "SELECT /*+ leading(D R H A) USE_NL(D R H A) optimizer_features_enable('11.2.0.4') */"
SR-C14506 · Issue 355734
Repaired localization on first load of section textarea
Resolved in Pega Version 8.1
After upgrade, localization for textarea "Remaining Character count" was not working when textarea was rendered in a section, but appeared after refresh if "post" action was specified on control. This was due to the template not handling this use case on the first load, and has been fixed.
SR-C14523 · Issue 354591
Tomcat/PostgreSQL guide updated for rulebase installation
Resolved in Pega Version 8.1
Documentation for rulebase installation has been clarified in the Tomcat/PostgreSQL guide to correct pathname errors.
SR-C14630 · Issue 357156
73
Resolved in Pega Version 8.1
If a Radio Buttons control was used to display read-only values with "Display Text of selected option" using the presentation type "True/False", the value shown was always False if localization was in place, even when the property value was true. This was a logic error and has been corrected.
SR-C14639 · Issue 368138
German language pack updates
Resolved in Pega Version 8.1
The German Language Pack (_de) has been updated to properly display the German text for rich text editors text like (Bold, Italic,) and the 'Check Spelling' tooltip.
SR-C14688 · Issue 358198
Added handling for scheduled reports with spaces in the shortcut name
Resolved in Pega Version 8.1
If a report was scheduled which had spaces in the shortcut title, the emails were not sent and the error "Opening the definition of the report failed for class name: Work-& report name: Open Case timeliness" was generated. To resolve this, the activity Pega-ScheduledTask-Reporting!pyExecuteTask has been updated to set the pyClassName and pyStreamName according to the report insname found on the shortcut when using a Report Definition.
SR-C14893 · Issue 360684
Repaired Refresh Section triggered by activity
Resolved in Pega Version 8.1
Refresh Section was showing incorrect information after modifying the PageList last record details and triggering an activity. This has been corrected.
SR-C14922 · Issue 357161
Improved CSRF features support whitelist
Resolved in Pega Version 8.1
Previously, the system had an option to support secureAll (i.e. securing all streams and activities) or the ability to list the streams or activities which needed to be secured against CSRF attack (blacklist). This has now been enhanced to support the list of allowed activities or streams for which CSRF protection is skipped so that customer can set secureAll to True and can provide the exemption list of activities or streams (whitelist).The DSS setting security/csrf/AllowSameDomainReferrer allows either True or False. When DSS security/csrf/AllowSameDomainReferrer is set True then the current behavior is retained, i.e. if the referrer is in the allowed referrer list or the request is from same domain of the pega app then request is considered as valid even if the token validation fails. When DSS security/csrf/AllowSameDomainReferrer is set False and if the token validation fails then it will be considered a CSRF attack. If the token validation passes then it's returned as success. The DSS settings security/csrf/allowedActivities and security/csrf/allowedStreams will take the list of activities and streams for which CSRF validation is skipped when security/csrf/secureall is set True. The DSS settings security/csrf/allowedActivities and security/csrf/allowedStreams will take precedence over the existing DSS settings security/csrf/securedActivities and security/csrf/securedStreams .
SR-C15039 · Issue 360857
improved security for static content requests
Resolved in Pega Version 8.1
In order to improve security, the logic used for extracting a file extension from a static content request has been updated to use relative references that avoid needing a PRThread if it doesn't exist.