SR-C82059 · Issue 423070
Support added for configuring key stores using prconfig or system properties
Resolved in Pega Version 8.3
Previously, stream service only supported key store and trust store configuration using Data-Admin-Keystore instances. Unlike cluster encryption, it did not allow the configuration of key stores using prconfig or system properties. In order to align Stream service SSL configuration with the rest of the platform, support has now been added for the following system and prconfig properties: -Dpega.cluster.keyStore -Dpega.cluster.keyStorePassword -Dpega.cluster.trustStore -Dpega.cluster.trustStorePassword
SR-C77121 · Issue 423112
Support added for CyberArk
Resolved in Pega Version 8.3
In order to enable enterprise customers who wish to use a populate password vault, support has been added for CyberArk. The CyberArk password vault can be used with the Pega database in the common configuration patterns, and the deployment, configuration, and platform support guides have been updated with information on how to configure Pega with CyberArk.
SR-C85096 · Issue 423235
cross-site scripting check logic updated for pyPosition
Resolved in Pega Version 8.3
Additional logic has been added to prevent the injection of javascript into script tags while rendering Smart Tips.
SR-C82268 · Issue 423574
Atmosphere cross-site scripting Vulnerability fixed
Resolved in Pega Version 8.3
Atmosphere has been updated to close a potential cross-site scripting vunerability.
SR-C68134 · Issue 423616
Support added for configuring key stores using prconfig or system properties
Resolved in Pega Version 8.3
Previously, stream service only supported key store and trust store configuration using Data-Admin-Keystore instances. Unlike cluster encryption, it did not allow the configuration of key stores using prconfig or system properties. In order to align Stream service SSL configuration with the rest of the platform, support has now been added for the following system and prconfig properties:-Dpega.cluster.keyStore -Dpega.cluster.keyStorePassword -Dpega.cluster.trustStore -Dpega.cluster.trustStorePassword
SR-C81403 · Issue 423680
Async loading added for section includes to resolve content type exceptions
Resolved in Pega Version 8.3
The pxGuardrailsGadget on the Designer Studio Home tab was generating POST requests to the server with the Content-Type header set to indicate application/x-www-form-urlencoded as the body type when the actual body was JSON text. This generated a policy exception during F5 ASM packet inspection. To resolve this, the system will instead request to defer-load the sections using asynchronous data pages. To configure this: -> Create a readonly data page with requestor scope (This will be considered as an async data page). -> Include a section in a parent section and set the above data page as using page. -> Enable defer load option for the included section. With this configuration, the system will load the parent section and then issue a request for any defer-loaded section(s) which use async data page(s) and bundle them if necessary. After receiving the response for one or more defer-loaded sections back, the system will continue to ask for any remaining sections in the bundle using a long-polling AJAX request until all defer-loaded sections have received a response.
SR-C84116 · Issue 423755
Added container handling to make optimized grid table visible in action top
Resolved in Pega Version 8.3
After upgrade, if the Optimize code checkbox was checked on a table and visibility was applied over grid header, the table was not visible in the UI. This scenario only happened when a grid was upgraded from non-optimized to optimized with some visibility condition added, and was caused by the system not yet supporting the visibility features in action top for an optimized grid. To resolve this at this time, the system has been updated to not honor the visibility at container for an optimized grid so the table will be visible.
SR-C80388 · Issue 423760
Added denominator counter to avoid PMML average results error
Resolved in Pega Version 8.3
While running a PMML file with test data, the results were always infinity. This was caused by the denominator not being incremented when using the 'average' method, and has been corrected by adding a counter to the evaluator to avoid a divide-by-zero condition.
SR-C84643 · Issue 423854
Logs now support RandomAccessFileAppender
Resolved in Pega Version 8.3
Support has been added to the LogFileDownload and LogViewer HTML final rules for using RandomAccessFileAppender. This is in addition to the existing support for RollingRandomAccessFileAppender and RollingFileAppender.
SR-C47100 · Issue 423998
Added handling for cases where Microsoft Internet Explorer causes a SAXParseException
Resolved in Pega Version 8.3
Numerous SAXParseException messages were seen in the log file, and the queryString showed the pyDeleteDocumentPg being referenced. This was traced to the method used by Internet Explorer to construct an HTTP request: Microsoft Internet Explorer sends the header and body of the request in separate TCP packets, but for an unknown reason in this case the body packet goes missing. To resolve this, a toggle has been introduced which will send the pyDeleteDocumentPg request as GET if pega.u.d.GET_REQUEST_DELETEDOCUMENT is set to true in userworkform. In a normal flow without this variable, the request will pass through the normal flow.