SR-C82480 · Issue 421488
Column Headers properly aligned after expand/collapse of Tree Grids
Resolved in Pega Version 8.1.3
When using a hierarchical table - tree grid with a configuration that included Width of content-Pixels(Fit Content), a Fixed (pixel) size grid, and Freeze Header, expanding and collapsing back the contents resulted in a misalignment of the column headers. The fixed header implementation makes use of multiple table layouts which have to kept in sync via javascript; this issue has been resolved by rewriting the fixed header implementation to call setHeadersWidth on expand/collapse of a treegrid row.
SR-C82530 · Issue 420609
Atmosphere XSS Vulnerability fixed
Resolved in Pega Version 8.1.3
Atmosphere has been updated to close a potential XSS vunerability.
SR-C83808 · Issue 421299
FIRST aggregate in bucketed window fixed
Resolved in Pega Version 8.1.3
FIRST aggregates were not giving the correct results if used in a Sliding Time window together with an average aggregate.This was traced to an incorrect implementation of FirstAggregatorHolder.substractAggregate which used propertyIndex to get aggregate value (which was not correct in this context), and has been fixed by using the correct index in FirstAggregatorHolder class.
SR-C83915 · Issue 421169
Enhancement added to support property reference name for section include
Resolved in Pega Version 8.1.3
When requesting the view of a section from a repeating dynamic layout where the name of the section is taken from a property, the DX API returned an error on the tracer indicating "Invalid value for aReference passed to com.pega.pegarules.data.internal.clipboard.ClipboardPageImpl.getString(String)". This has been resolved by adding an enhancement to support using a property reference for section include.
SR-C85035 · Issue 421948
Added getIfPresent check for Field Value parameters with pzAPICreateJsonForView
Resolved in Pega Version 8.1.3
Calling pzAPICreateJsonForView was altering case values if localized field value parameters were added. This has been corrected by performing a getIfPresent and getIfString on the property pyFieldValueParams so field value parameters will not be added to the main page if they're not present.
INC-173068 · Issue 654064
HTML tags escaped in Audit History field values
Resolved in Pega Version 8.4.6
The case narrative section was showing case statuses with encoded special characters such as % or ( ), resulting in entries such as "Status changed to Complete &# 40;approved& #41; !@#$ %^& amp;*&# 40;&# 41;_&# 43;.". This has been resolved by updating the PyMemo field from type Text Input to DisplayAsLiteral for case narrative, which matches the setting for case history.
INC-175882 · Issue 658642
Updated bulk action audit history logic and security
Resolved in Pega Version 8.4.6
After update, using the standard bulk action feature did not record an audit history entry for the SLA action on a case. This was traced to changes made around authorization for opening worklists when using pzBulkProcessItem that limited the audit history to reassign, transfer or transfer assignment, and has been resolved by updating the login the Work-pzBulkProcessItem activity. In addition, the Require authentication to run checkbox has been enabled on the Security tab of the activity, and the Allow invocation from browser checkbox has been disabled.
INC-177183 · Issue 660537
Refresh assignment checks updated
Resolved in Pega Version 8.4.6
Additional privilege checks have been added to refresh assignment.
INC-178650 · Issue 673550
Cross-site scripting protections updated
Resolved in Pega Version 8.4.6
Cross-site scripting protections have been updated around the DisplayAttachment function.
INC-183947 · Issue 673735
Query split added to handle Oracle expressions limit
Resolved in Pega Version 8.4.6
The PXCHECKFLOWDEPENDENCIES activity was throwing the Oracle error message "ORA-01795: maximum number of expressions in a list is 1000" when a case had a very large number of sub-cases, causing a failure in trying to submit additional child cases which sent them into the broken process. This has been resolved by updating the pxCheckFlowDependencies rule to break down the query parameter into batches of 999 so they can be handled by Oracle.