SR-D80539 · Issue 544794
Testcases are not available for 'access when' rules
Resolved in Pega Version 8.5
Attempting to create test cases for access when rules resulted in guardrail warnings about the need to create a test case. Because Test Cases are not available for the Access When rule type as per Pega expected behavior, the guardrail warnings are not valid and have been removed.
SR-D72672 · Issue 536389
Security updated for CreateOperator
Resolved in Pega Version 8.5
In order to improve security, CreateOperator in Pega-ProCom will require authentication to run with pxCanManageUsers privilege.
SR-D69927 · Issue 537480
Cleanup added for staging directory
Resolved in Pega Version 8.5
Temporary files from imports and exports (from DevOps) were filling up the staging area disk space because there was no automatic process for cleaning up these local files. This has been resolved by adding an enhancement that will clear the directory on Engine Startup and any time ParUtils.setStagingDirectory gets called to initialize the staging directory.
SR-D76492 · Issue 549969
Added check for test case creation when Cross-site scripting security enabled
Resolved in Pega Version 8.5
Test case creation was failing. Investigation showed that when the "Cross-Site Request Forgery" security setting was enabled, the CSRF token and Browser fingerprint were not included in AJAX calls, and the Ruleinskey was not getting passed. This has been resolved by adding a check to evaluate whether security measures are included or not when making a server call from AJAX, and including the tokens required when appropriate.
SR-D79397 · Issue 546416
Rule-Utility-Function references updated with library information
Resolved in Pega Version 8.5
The "changeSystemName” operation failed. This was traced to the function “getLocalizedValue” (Rule-Utility-Function) being saved into the PegaFS library due to runtime resolution based on the function signature even though the actual Rule-Utility-Function from “Pega-Rules” ruleset needed to be picked in this case. To ensure the correct ruleset is picked, Rule-Utility-Function references have been updated with library information to resolve the resolution collision scenario.
SR-D52138 · Issue 537506
Property setting corrected for On Join and Exclusion shapes in Expression Builder
Resolved in Pega Version 8.5
The properties for the defined page did not appear when using the type-ahead feature to select properties for the On Data Join and Exclusion shapes in Expression Builder. This was an issue related to the property being referenced for setting the context in the expression builder, and has been corrected.
SR-D67316 · Issue 541205
Cross-site scripting protection for PegaRULESMove_Skimming_Query
Resolved in Pega Version 8.5
Cross-site scripting protection has been added for input parameter toRSV of the activity PegaRULESMove_Skimming_Query.
SR-D81496 · Issue 547170
Data Social tag class FTS index query improvements
Resolved in Pega Version 8.5
A query intended to select from the link tag table to see if any cases were linked to the tag in question and then index the tag change was causing performance issues. Investigation showed that checking tag associations during FTS indexing fetched all matching rows from the table even though one was sufficient. To resolve this, the query will be created with max result count = 1, fetching up to 2 rows from the table.
SR-D85839 · Issue 550938
Support added for custom Kafka connection properties
Resolved in Pega Version 8.5
An enhancement has been added to allow specifying custom Kafka connection properties in the Data-Admin-Kafka data instance to allow connections to external Kafka through the common client configs, ssl configs, and sasl configs.
SR-D90505 · Issue 550990
Repaired Tracer use with Google Chrome
Resolved in Pega Version 8.5
After running Tracer while using Chrome, closing it and trying to run another resulted in an error indicating "Cannot Launch multiple tracer sessions for a requestor". This was identified as a bug with Google Chrome Versions greater than 70 and was caused by Chrome deprecating the use of sync XHR on page dismissal, and has been resolved by modifying the system to use a beacon API instead.