SR-C74652 · Issue 422901
Grid alignment and headers corrected for Opportunities screen in RTL locale
Resolved in Pega Version 8.3
When using the RTL locale, the Opportunity detail screen and search screen had grid alignment and header issues. This has been resolved by updating the py-portal-stages CSS attached to the enduser skin.
SR-C74648 · Issue 422904
Autocomplete arrow placement corrected in Right to left local mode
Resolved in Pega Version 8.3
When using the Autocomplete control, the blue arrow was seen to have an incorrect placement/orientation in RTL mode. This was traced to the autocomplete background-image in RTL mode being the same as that for LTR, and has been resolved by adding specific background-image for RTL.
SR-C74650 · Issue 422907
Grid alignment and headers corrected for Opportunities screen in RTL locale
Resolved in Pega Version 8.3
When using the RTL locale, the Opportunity detail screen and search screen had grid alignment and header issues. This has been resolved by updating the py-portal-stages CSS attached to the enduser skin.
SR-C84788 · Issue 422936
Handling added to maintain custom modal template name after errors
Resolved in Pega Version 8.3
When using a grid where each grid row had an Edit button which launched a modal dialog with a custom modal template, the post action activity of the flow action introduced error messages on a top level page (not on primary or pyWorkPage). Clicking the submit button again caused the modal dialog size to shrink and not work after that. This was traced to the second submit using the system's pyGridModalTemplate instead of the custom modal template due to the modal submit button being replaced with new markup. To resolve this, the modal launch will now use the "pega.u.d.submitModalDlgParam.modalSection" variable which will have the modal template name. In addition, a check has been added to ensure this is not passed as null.
SR-C82059 · Issue 423070
Support added for configuring key stores using prconfig or system properties
Resolved in Pega Version 8.3
Previously, stream service only supported key store and trust store configuration using Data-Admin-Keystore instances. Unlike cluster encryption, it did not allow the configuration of key stores using prconfig or system properties. In order to align Stream service SSL configuration with the rest of the platform, support has now been added for the following system and prconfig properties: -Dpega.cluster.keyStore -Dpega.cluster.keyStorePassword -Dpega.cluster.trustStore -Dpega.cluster.trustStorePassword
SR-C77121 · Issue 423112
Support added for CyberArk
Resolved in Pega Version 8.3
In order to enable enterprise customers who wish to use a populate password vault, support has been added for CyberArk. The CyberArk password vault can be used with the Pega database in the common configuration patterns, and the deployment, configuration, and platform support guides have been updated with information on how to configure Pega with CyberArk.
SR-C85096 · Issue 423235
cross-site scripting check logic updated for pyPosition
Resolved in Pega Version 8.3
Additional logic has been added to prevent the injection of javascript into script tags while rendering Smart Tips.
SR-C82268 · Issue 423574
Atmosphere cross-site scripting Vulnerability fixed
Resolved in Pega Version 8.3
Atmosphere has been updated to close a potential cross-site scripting vunerability.
SR-C68134 · Issue 423616
Support added for configuring key stores using prconfig or system properties
Resolved in Pega Version 8.3
Previously, stream service only supported key store and trust store configuration using Data-Admin-Keystore instances. Unlike cluster encryption, it did not allow the configuration of key stores using prconfig or system properties. In order to align Stream service SSL configuration with the rest of the platform, support has now been added for the following system and prconfig properties:-Dpega.cluster.keyStore -Dpega.cluster.keyStorePassword -Dpega.cluster.trustStore -Dpega.cluster.trustStorePassword
SR-C81403 · Issue 423680
Async loading added for section includes to resolve content type exceptions
Resolved in Pega Version 8.3
The pxGuardrailsGadget on the Designer Studio Home tab was generating POST requests to the server with the Content-Type header set to indicate application/x-www-form-urlencoded as the body type when the actual body was JSON text. This generated a policy exception during F5 ASM packet inspection. To resolve this, the system will instead request to defer-load the sections using asynchronous data pages. To configure this: -> Create a readonly data page with requestor scope (This will be considered as an async data page). -> Include a section in a parent section and set the above data page as using page. -> Enable defer load option for the included section. With this configuration, the system will load the parent section and then issue a request for any defer-loaded section(s) which use async data page(s) and bundle them if necessary. After receiving the response for one or more defer-loaded sections back, the system will continue to ask for any remaining sections in the bundle using a long-polling AJAX request until all defer-loaded sections have received a response.