SR-A17654 · Issue 234844
Stack trace will not display in REST errors
Resolved in Pega Version 7.2.1
To improve security, the exception stacktrace generated by a REST Service response will not be displayed as part of the error. The message "An error occurred while processing the request. Please contact your Administrator." will be displayed instead, and the stack trace will be logged.
SR-A17654 · Issue 246367
Stack trace will not display in REST errors
Resolved in Pega Version 7.2.1
To improve security, the exception stacktrace generated by a REST Service response will not be displayed as part of the error. The message "An error occurred while processing the request. Please contact your Administrator." will be displayed instead, and the stack trace will be logged.
SR-A17670 · Issue 236156
New display control for attachment category delete privilege
Resolved in Pega Version 7.2.1
If an attachment category delete privilege was set to 'never' but there was no access group referenced for it, it was possible for the user to delete the attachment. This was a scenario where even though the delete-all option was enabled for the attachment category, the display of the delete icon was not controlled by this access specifier. A new when condition "HaveAttachmentDeletePrivileges" has now been added on the delete icon to control whether or not the icon appears.
SR-A17672 · Issue 236191
Tab layout groups updated to retain status when switching
Resolved in Pega Version 7.2.1
Switching between tabs caused the harness to refresh. The tab layout groups have been updated to ensure expected behavior.
SR-A17683 · Issue 235082
Autocomplete JSON error resolved
Resolved in Pega Version 7.2.1
A JSON parse error was causing issues with autocomplete controls after updating. This was caused by a syntax error, and has been corrected.
SR-A17738 · Issue 234851
Authentication requirement removed from OnProcessEnd
Resolved in Pega Version 7.2.1
pzChangeStageWrapper calls pzOnProcessEnd, which requires Authentication and is a Final rule. This created an issue using the ChangeStageWrapper without authentication, and the authentication requirement has been removed from OnProcessEnd.
SR-A17748 · Issue 233597
TrimLog performance improved
Resolved in Pega Version 7.2.1
Activity log.trimlog is called several times from the systemCleaner agent to clean up old entries of generally unused Log- classes. In order to improve performance on large logs, the previous partial load and delete method has been updated to a bulk cleanup using the purgeTableContainingClass() API in the Pega Database.
SR-A17758 · Issue 234057
Check added to avoid duplicate encryption
Resolved in Pega Version 7.2.1
When a property of type TextEncrypted was edited from the clipboard viewer, the encrypted value was being encrypted again. This was caused by the server side trimming the string values of parameters sent in a post body, removing '\t' from the encrypted value '\t{ps}XXXXX' and triggering encryption of an already encrypted value. To prevent this, the system has a check for strings starting with '\t{ps}' at the time of parsing URL Parameters or post body.
SR-A17773 · Issue 234118
Custom field value visible for maxloginattempts message
Resolved in Pega Version 7.2.1
In order to support a customized field value message once a user crosses the allowed invalid login attempts threshold, a new overloaded method of prepareStatusInfo() has been introduced in PRDiagnosticStream.java that will not mask the exception details with generic error message.
SR-A17852 · Issue 234570
Edit Validate passes parameters to message rule
Resolved in Pega Version 7.2.1
When using an Edit Validate rule in the condition, functions could not be passed as a parameter into a message rule. This has been fixed.