SR-D90524 · Issue 549047
SameSite cookie setting added for Mashup support in Google Chrome v80+
Resolved in Pega Version 8.5
The Google Chrome browser version 80 and above now treats SameSite with a blank value as "Lax" by default, causing mashup scenarios to break. In order to compensate for this change, support has been added for setting SameSite=None in Cookie Settings; this value automatically includes the “secure” cookie flag, which enforces HTTPS for the Pega server and mashup. For mashups to work, SameSite should be set as None. Create a Dynamic system setting in the Pega-Engine RuleSet with the name “security/csrf/samesitecookieattributevalue” and the value "None" and restart the server. (The SameSite value "None" works only in secure HTTPS connections.) Note: The SameSite cookie may be set to None/Lax/Strict, based on the requirement. For cookie requirements other than mashup, it should be set as either Strict or Lax, depending upon your application.
SR-D79178 · Issue 543313
SameSite cookie setting added for Mashup support in Google Chrome v80+
Resolved in Pega Version 8.5
The Google Chrome browser version 80 and above now treats SameSite with a blank value as "Lax" by default, causing mashup scenarios to break. In order to compensate for this change, support has been added for setting SameSite=None in Cookie Settings; this value automatically includes the “secure” cookie flag, which enforces HTTPS for the Pega server and mashup. For mashups to work, SameSite should be set as None. Create a Dynamic system setting in the Pega-Engine RuleSet with the name “security/csrf/samesitecookieattributevalue” and the value "None" and restart the server. (The SameSite value "None" works only in secure HTTPS connections.) Note: The SameSite cookie may be set to None/Lax/Strict, based on the requirement. For cookie requirements other than mashup, it should be set as either Strict or Lax, depending upon your application.
SR-D48433 · Issue 529856
Exception handling added for Redirect URL fetched from GRS
Resolved in Pega Version 8.5
When the application definition under “integration and security" tab was configured to use "Store in web storage provider" to allow choosing the storage name and the authentication profile, configuring the authentication profile to use an OpenID connect provider with the pyEndpointURL property given as a global resource setting such as (=D_SharepointDetails.url) was not working as expected. Clicking browse in the application definition sent the request to the OpenID connect provider and was returned with the error "The reference =D_SharepointDetails.url is not valid. Reason: Page name (D_SharepointDetails) from indirect reference was not found." This was traced to the Redirect URL (fetched from GRS) throwing an unhandled exception, and has been resolved.
SR-D72636 · Issue 536089
Added handling for Authorization Server login loop
Resolved in Pega Version 8.5
When the Authorization server returned an error, it was redirecting back with error, error_description, and parameters. The system then tried to start the login process again, the same error parameters were returned again, and it continued to loop this way. To resolve this issue, handling has been added for this error scenario from the Authorization Server.
SR-D68311 · Issue 535987
Corrected table row highlighting on iPad
Resolved in Pega Version 8.5
A table row was highlighted when clicked on an iPad in landscape view, but when the device was rotated to portrait view the row was not highlighted. This was traced to the background CSS overriding the selected style, and has been corrected by modifying py-responsive-overrides.css.
SR-D86694 · Issue 548669
TeamMembersWidget section include corrected for PortalNav
Resolved in Pega Version 8.5
An error was seen when attempting to include the pyTeamMembersWidget section inside a pyPortalNav section. Investigation showed there was a data corruption in the section. As a local change, it was possible to 'save as' the section to a ruleset and delete the section embedded in the grid, then drag an embedded section layout from Layouts, add it to the grid row, and select pyTeamMembersWidgetRow. As a permanenet resolution, the corrupted section has now been replaced.
SR-D74704 · Issue 535942
Section and navigation rule localization added
Resolved in Pega Version 8.5
Localization has been added for sections and navigation rules that include some of the OOTB rules like Locked and Get help.
SR-D90284 · Issue 551473
Added 'when' condition to class change in ShowColorPicker activity
Resolved in Pega Version 8.5
When using an included color picker control in a section, selecting a color resulted in the color picker pyworkpage class content changing to Embed-Skin-Controls. This has been resolved by modifying the previous behavior of always changing pyWorkPage's obj class as part of the ShowColorPicker activity by adding a 'when' condition to change the class only if it is empty.
SR-D91030 · Issue 550796
Date time control custom length honored
Resolved in Pega Version 8.5
A custom length for the date time control in the Presentation tab was not working. Investigation showed that the Span tag containing the date time controls input box was missing a display:inline-block style attribute, causing the input box to overflow the span tag so the width was set to 100% by default if the date time control had any custom width configured. This has been corrected.
SR-D77359 · Issue 542137
A Filter on the grid shows value for a second click
Resolved in Pega Version 8.5
A Filter on the grid was not showing any record value for a second click. This was traced to a conflict in considering column headers caused by the Filter Icon delegating two Grids, leading the process to take the context of the other Grid instead of the one which had been clicked. To resolve this, a check for the right context of the Grid has been added to the filterOnProperEvent method.