INC-179448 · Issue 664314
Tracer protections updated
Resolved in Pega Version 8.5.5
Cross-site scripting protections have been updated for Tracer.
INC-182572 · Issue 663555
Support added for multiple host proxy architecture
Resolved in Pega Version 8.5.5
When using an architecture where certain types of users were sent through multiple proxy servers to get the Pega Cloud instance, an exception was generated at the point of accessing the environment. This was traced to the use of Apache 2.4 with mod_proxy. As the request passed through each proxy, the x-forwarded-host header had values appended to it by mod_proxy which resulted in the error "com.pega.pegarules.pub.context.PRSecurityException: Multiple host names in header X-forwarded-Host". This has been resolved by updating the code to support using a multiple host proxy configuration.
INC-184668 · Issue 665956
Check added for null mColumn values while estimating size
Resolved in Pega Version 8.5.5
A null pointer error indicating an issue with AbstractDataPageHandler.estimateDataSize was traced to missing handling for null values in mColumns while calculating size. This has been resolved with the addition of a null check.
INC-159836 · Issue 631205
Resolved unnecessary Apache UIMA Ruta logging
Resolved in Pega Version 8.5.5
A high level of exception logging related to Apache UIMA Ruta was seen under high loads due to annotations in the standard Ruta scripts; this did not impact execution, and has been resolved so only relevant events are logged.
INC-169412 · Issue 648881
Cross-site scripting protections updated for Graph Models
Resolved in Pega Version 8.5.5
Cross-site scripting protections have been updated for Graph Models.
INC-170721 · Issue 658959
Stricter criteria set for reusing an SSAExecutionContext
Resolved in Pega Version 8.5.5
After a Strategy was configured with an existing Proposition Filter and the Explain Results box was unchecked, executing the strategy resulted in the error "Stack is empty, cannot pop any more frames". Investigation showed that the SSAExecutionContext object was reused across the two criteria evaluation in Proposition Filter rule: this works well as long as the input is the same across the two evaluations. However, the SSAExecutionContext object also stashed a reference to a PublicAPI object which became stale in the second evaluation and caused the empty stack issue for the given scenario. This has been resolved by providing stricter criteria in deciding when an SSAExecutionContext can be reused or not in the case of Proposition Filter rule.
INC-171594 · Issue 656182
Spell check correctly applied to email body
Resolved in Pega Version 8.5.5
Spell check was not being applied to email body for text analysis in Email Channel. This has been resolved to work irrespective of case.
INC-173859 · Issue 652639
Corrected compilation error for Decision Data component in Strategy
Resolved in Pega Version 8.5.5
After update, a Decision data component defined in Strategy generated an assembly error when looking for class properties. This was traced to the use of "applies to" Instead of SR class, and has been resolved.
INC-174550 · Issue 658392
Alternative pyLabel source for Auto-generated Proposition Filter added as fall back
Resolved in Pega Version 8.5.5
After using save-as to move an offer/action rule containing eligibility criteria into a new ruleset /branch, the criteria disappeared. Proposition Filter has an explicit dependency on relevant records, and in this scenario investigation revealed all of the relevant records had been previously deliberately deleted. Using save-as on auto-generated CDH rules like actions is also not a best practice. To better handle unexpected actions like these and avoid the hard dependency on Relevant Records, when creating the Proposition Filter via the programatic API the system will fall back to reading the label from the sourcePage if is not possible to get the label from Relevant Record.
INC-175707 · Issue 655346
Multi-level strategy gives correct rules during Batch run
Resolved in Pega Version 8.5.5
When using a nested page structure with multi-level strategies that loop through each page and process the customer, a customer with two linked customers A and B had the results of A overridden by B during Batch Processing while single case canvas testing showed the correct results. This was caused by the DSM clipboard page method of carrying the parent page info not supporting the re-use of pages, and has been resolved by adding an enhancement that will sanitize the strategy stage processor to ensure the correct page reference is used.