INC-136264 · Issue 582472
Chatbot text starts scroll at top of answer
Resolved in Pega Version 8.5.1
In order to present an improved interface for customers interfacing with chatbots, the code has been updated so that the recipient's chat scroll will remain at the top of an answer that would scroll off the screen.
INC-139018 · Issue 587715
Rules updated to handle Outlook change that displayed multiple/duplicate email responses
Resolved in Pega Version 8.5.1
In Pega Email Triage case, all the replies were displayed along with the original email body, meaning for each and every reply, Pega showed the original email body and duplicated the data. This was traced to an update made by Microsoft in the Selector function of Outlook Windows, and has been resolved by updating the rules 'PyExtractLatestReplyFromHTML' and 'pyRichTextEmailHistorySelector' to work with this change.
INC-135849 · Issue 582939
Encrypted SOAP response token generation updated
Resolved in Pega Version 8.5.1
After configuring a SOAP service that used signature and encryption on the response, the response being created was incorrect and could not be decrypted by the receiver. Investigation showed that the API used to generate the SOAP headers was not setting the wsse11:TokenType element, causing receivers which enforce BSP compliance to fail. This has been resolved by modifying the custom webservices-rt-pega2 jar to set the token type in the case of a response encryption policy.
INC-138354 · Issue 584722
Handling added for samesite cookies with httpOnly
Resolved in Pega Version 8.5.1
After enabling samesite cookies on Google Chrome to support Mashup login, intermittent issues were seen with a non-mashup login where entering the OperatorID and password only resulted in a refresh of the login screen. This was traced to a scenario where an httponly cookie attribute was present along with samesite cookie attributes, and has been resolved by adding handling for a condition where samesite is set and httpOnly is enabled.
INC-130145 · Issue 582855
Null checks added for the presence of roles and dependent roles
Resolved in Pega Version 8.5.1
Frequent Null Pointer errors were being generated relating to SecurityAnalysisForSecurityAdministratorsTask.getCurrentSecurityTaskDetails(). Investigation showed that the Origin and Stack trace tabs were empty, leading to the obj-open of the role failing when the role was not available in the system being utilized. This has been resolved by adding a series of null checks for role existence and dependent roles existence.
INC-139867 · Issue 588757
Additional security for encrypted passwords
Resolved in Pega Version 8.5.1
Handling and cleanup has been updated for encrypted values to enhance security.
INC-134315 · Issue 578366
Resolved 400 error on second browser session
Resolved in Pega Version 8.5.1
When accessing application URLs in two tabs of a browser window, logging into the second session was throwing a 400 invalid request. This has been resolved by adding specified activities to an allow list which will bypass URLObfuscation in un-authenticated mode. Non-listed activities will be processed using URLObfuscation if it is enabled.
INC-130500 · Issue 580623
Cross-site scripting protections updated for authorization
Resolved in Pega Version 8.5.1
Cross-site scripting protections have been updated for various URLs associated with authorization.