SR-D75097 · Issue 539515
Improved handling against formula injection attacks in Export to ExcelJJ
Resolved in Pega Version 8.3.3
Every time a possibly vulnerable cell value was found during Export to Excel, the value on that cell was modified to prevent a formula injection attack. If the value was non numeric, it would still render an apostrophe, although it should be hidden. Previous work on this issue involved the addition of a DSS which allowed this security to be disabled if the Excel was going to be consumed by an external tool, but the security implementation used to protect against calculation injection has reworked the ExcelSecurity utility function to allow the ability to change the cell style of a cell that is potentially vulnerable to formula injection attacks. This change no longer changes the cell value but instead applies a new cell style that has quotePrefix enabled.
SR-D83060 · Issue 547918
Repaired History class report column sorting
Resolved in Pega Version 8.3.3
Attempting to sort any of the columns in a report using the History class did not render the results and the error "Cannot render the section" appeared. Tracer showed a Fail status for some out-of-the-box activities with the message "java.lang.StringIndexOutOfBoundsException". Investigation showed the logic in pzMergeAutoGenForProp activity was failing because the pyIsFunction property was not set on the UIField pages for function columns. To resolve this, the logic for pzMergeAutoGenForProp has been modified to get pyIsFunction from the field name.
SR-D83373 · Issue 545750
Stage Label name displayed in chart
Resolved in Pega Version 8.3.3
When pyCaseStatusControl was used, the cases label was displayed as $label instead of the Case Name. This was related to the version of Fusion Charts included, and has been resolved for this release by modifying library code in fusioncharts.js to fix the issue in datasetrollover listener code. Fusion Charts will be upgraded in v8.5 for a more complete solution to this issue.
SR-D79796 · Issue 544947
Updates made for deprecated Fusion chart styles
Resolved in Pega Version 8.3.3
Trying to change the background colors or font sizes for the values on the x-axis and y-axis in a report was not working. This was traced to Fusion deprecating the use of `<styles>` definitions with the introduction of JavaScript charts, and has been resolved by updating the code to compensate for this change.
SR-D86864 · Issue 548092
Very long auto-generated index trimmed for use in Report Browser
Resolved in Pega Version 8.3.3
The creation of a new report via the user report browser failed if there was an index with a long name (over 30 characters). The out-of-the-box method automatically generated the prefix, but the Report editor could not handle the very long declare index name and as a result did not consider properties from the embedded pages. To resolve this, pzUpdateAssociation and pzInsertNewReportColumn have been updated to trim the prefix for the declare index to 30 characters and allow for adding a new column to the report. This work does not cover adding a new filter to the report, as that fix would require substantial changes to reporting logic.
INC-137009 · Issue 581892
Ad hoc reports saved successfully in private categories
Resolved in Pega Version 8.5.1
After upgrade, an error was seen when attempting to save an ad hoc report in a private category. Saving in a public category worked as expected. This was traced to the Rule-Shortcut.Validate activity, which attempted to use the Rule-Shortcut's RuleSet to find the Rule-Category. To resolve the saving issue, the Rule-Shortcut.Validate activity has been updated to do an Obj-Open on the Category instead.
INC-136643 · Issue 583367
Orphaned CSS reference removed from DisplayReport harness
Resolved in Pega Version 8.5.1
An intermittent invalid CSS error was appearing in the DisplayReport harness when an operation resulted in the regeneration of the harness content. This was traced to a reference to the workform_pyReportingSkin CSS, which was used in old reporting features and is not in use anymore. The reference has been removed to resolve this issue.
INC-131942 · Issue 574321
Orphaned CSS reference removed from DisplayReport harness
Resolved in Pega Version 8.5.1
An intermittent invalid CSS error was appearing in the DisplayReport harness when an operation resulted in the regeneration of the harness content. This was traced to a reference to the workform_pyReportingSkin CSS, which was used in old reporting features and is not in use anymore. The reference has been removed to resolve this issue.
INC-135719 · Issue 580691
Corrected reference exception for filter on a grid sourced from a parameterized report definition
Resolved in Pega Version 8.5.1
An Invalid Reference Exception was thrown after attempting to apply a filter on a grid sourced from a parameterized report definition. This was traced to work done to allow cross-scripting filters to allow filters to contain special characters, and has been resolved.
INC-137317 · Issue 585402
Security improved for searches
Resolved in Pega Version 8.5.1
Authentication requirements have been added to activities associated with searching.