SR-B70652 · Issue 325760
Read operations updated for Datastax 3.1.x use
Resolved in Pega Version 7.3.1
In the 3.1.x Datastax driver reads are no longer retried by default. Therefore, the read operations have now been explicitly marked as idempotent to force the Datastax driver to retry timed out reads.
SR-B70652 · Issue 325924
Timeout error resolved for write future
Resolved in Pega Version 7.3.1
With retries enabled, the write future was timing out before retries could be completed. This has been fixed by removing the timeout on the write future since timeouts will be caught using Datastax driver exceptions.
SR-B74934 · Issue 327017
Facebook connector refined to handle page deletion while the AADrivetech is active
Resolved in Pega Version 7.3.1
A Facebook connector trying to connect to a invalid page was causing out of memory errors. In this scenario, a Facebook Page that was no longer required was deleted but the AADrivetech Facebook connector was left running. This connector, in its attempts to contact the Facebook page and retrieve the getFrom parameter which was now null, started to consume resources on the node leading to the outage. To solve this, the code has been modified to not expect the user name to always come from Facebook but instead put in an anonymous name if the page disappears.
SR-B76526 · Issue 326533
Backwards compatibility enhancement for @when() validation
Resolved in Pega Version 7.3.1
After upgrade, a Strategy rule which referred a 'when' with the syntax @when(isOnlineApplication) was failing with design time validation saying that when rule was not found in the SR and instead it had to find it in the Customer/Applies to class. For the @when() issue, the root cause was that the validation context of @when() was switched from Applies-To class to the Step Page class due to a change in the core engine. The behavior of expression parsing for when rule calls was changed in release 7.2. It used to take the Apply-to class to validate the existence of the rule, but not it is taking the Step Page class. And Strategy rule doesn't push/pop stackframe due to performance reasons, thus StepPage on stack for Strategy is always the same as Primary page. For greater compatibility, the system will set the PageContextClass to the Apply To class so the expression parser can validate the setup which is expected at run-time.
SR-B37374 · Issue 309750
null-pointer exception fixed for missing rule class
Resolved in Pega Version 7.3.1
After upgrade, a null-pointer exception was generated when the class on which a rule was defined no longer existed and there was a withdrawn rule in the hierarchy. This has been fixed.
SR-B40801 · Issue 317066
Check added to ensure downloaded files match the extension type given
Resolved in Pega Version 7.3.1
In the remote application that provided functionality for downloading files, no validation was performed on the requested file extension or file name during the request; these values could be constructed in the file request. However, this could allow attackers to send malicious links to end users by forcing a file to have a specific file extension such as .exe, .html, or .bat . In order to prevent issues, a check has been added to see if the extension of the filename and the actual file extension match. If they do not, the file will not be downloaded.
SR-B44095 · Issue 318443
Re-indexing modified with check for FTS reinitialization
Resolved in Pega Version 7.3.1
Using the Designer Studio 'Search Landing Page' to initiate a re-index of approximately 12 million work items never seemed to complete. This was traced to an unnecessary reinitialization call; the API used to reconfigure the Search node (initialized from the FullTextIndexer command line utility) uses the configure node API to remove the index directory information on the index node. This API has logic to reinitializeFTS because it is the expected behavior in normal scenarios. However, in cases using the full text indexer command line utility, we do not need to reinitalize the FTS instance as the node is a standalone node. This has been updated.
SR-B48161 · Issue 311806
Pega0001 alert honors parameter page inclusion setting
Resolved in Pega Version 7.3.1
The setting was not being properly honored, causing sensitive information to be available in the ALERT logs. This has been revised so the system will honor the above setting and if it is set to false, the parameter page will be disabled in the alert lines.
SR-B50434 · Issue 317985
Struts mapping updated to compensate for behavior change
Resolved in Pega Version 7.3.1
The expectation was that after system startup in a zOS multi-servant environment where each servant has two JVMs which are running at any given point of time, launching SMA after adding a primary node should cause the servant node to show up in the edit page and upon submit the servant nodes should be listed under the primary node under left navigation links. However, after upgrade new nodes added to the cluster in the SMA were not visible due to behavior change between struts releases. This has been addressed by modifying the mapping in struts.xml and tuning some JSP syntax issues in AddNodeIDs.jsp.
SR-B56125 · Issue 317516
WebLogic deployment guides updated for dual user setup
Resolved in Pega Version 7.3.1
The WebLogic deployment guides have been updated to specify that dual user setup requires the addition of the jdbc/AdminPegaRULES datasource with entries added to prconfig.xml. This is similar to the method used for the Tomcat app server.