SR-B37958 · Issue 296563
Radio button error highlight fixed for grids
Resolved in Pega Version 7.3
When a radio-button was configured as mandatory in a grid column, submitting the page without filling in the mandatory field did not correctly highlight the error. This was caused by the system not being able to find the correct label for the associated elements, and code has been added to find the correct label when the radio button is inside a grid.
SR-B38101 · Issue 299647
Corrected DateTime corruption
Resolved in Pega Version 7.3
If "Display value using read-only formatting" was selected for a Date field, entering an invalid value caused the resulting HTML DOM to be displayed incorrectly when the page was refreshed. This was traced to missing handling for the exception resulting from the invalid data, and has been fixed.
SR-B38262 · Issue 295697
Fixed case error in DayOfMonth property
Resolved in Pega Version 7.3
When trying to add a DateTime Property/Column with function 'Day of the month', an exception was generated. This was due to an error in the wrapper creating the Function Alias name 'DayofMonth' instead of the correct 'DayOfMonth', and has been fixed.
SR-B38290 · Issue 295916
Fixed screen truncation with Mashup
Resolved in Pega Version 7.3
Screen content was truncated on refresh when using Web Mashup with Firefox and Microsoft Internet Explorer 11. The resize harness has been updated to call pega.Mashup in a timeout in order to fix this.
SR-B38297 · Issue 300607
Save button with close fixed for Internet Explorer with Mashup
Resolved in Pega Version 7.3
When using a createNewWork Mashup that has a button for Save with the 'Close After Save' option checked, the call to close the work object was never fired. This was traced to Internet Explorer excluding the port number while considering cross domains, and has been fixed by adding a pega.Mashup check along with crossFrame.
SR-B38317 · Issue 295056
Password expiry logic updated to use start of day
Resolved in Pega Version 7.3
Previously, the password expiry logic was based on a tight format of number of days+ timeStamp. This caused scenarios such as not prompting for a password reset when user logs in, but rather at the exact time stamp of the previous change even if that comes in the middle of work and throws the user out of the session. To avoid this behavior, the password expiry logic is now based on number of days logic with timeStamp defaulted to start of day (00.00) taking care of locale and getting difference in number of days.
SR-B38339 · Issue 302549
Commented out unnecessary external link from jsonscript.js
Resolved in Pega Version 7.3
During a vulnerability scan it was noted that jsonscript.js contained a link to external site. This was a link to a library in the public domain that is not necessary for the script to function, and it has been commented out.
SR-B38602 · Issue 296751
Login error message modified for increased security
Resolved in Pega Version 7.3
When an operator was configured to use External authentication and then attempted to login through other servlets, the error message included the operator ID. This could be used maliciously to discover valid IDs on the system, so in order to improve security, the process has been modified to remove the ID from the failure message. If authentication fails, the message "The information you entered was not recognized." will be displayed and the system will log an error message in the PegaRULES log file with the actual message "Error authenticating , : This user must use external authentication."
SR-B38602 · Issue 297290
Login error message modified for increased security
Resolved in Pega Version 7.3
When an operator was configured to use External authentication and then attempted to login through other servlets, the error message included the operator ID. This could be used maliciously to discover valid IDs on the system, so in order to improve security, the process has been modified to remove the ID from the failure message. If authentication fails, the message "The information you entered was not recognized." will be displayed and the system will log an error message in the PegaRULES log file with the actual message "Error authenticating , : This user must use external authentication."
SR-B38627 · Issue 298635
Calendar icon refresh updated for Internet Explorer browser
Resolved in Pega Version 7.3
Intermittent responsiveness issues were seen when trying to select/pick date from calendar icon. This issue was traced to the combination of having the "Contract ID" option enabled and using the Internet Explorer browser, leading to unexpected refresh of particular scripts used in the section. The script timing has been modified to resolve the issue.