SR-A100558 · Issue 271513
Oversized file null-pointer exception resolved
Resolved in Pega Version 7.3
A 413 exception was being generated by uploading files with a size greater than the Initialization/MaxFileUploadSize DSS value. The controls have been modified with a check to restrict properly restrict file size during this process.
SR-A100558 · Issue 274795
Oversized file null-pointer exception resolved
Resolved in Pega Version 7.3
A 413 exception was being generated by uploading files with a size greater than the Initialization/MaxFileUploadSize DSS value. The controls have been modified with a check to restrict properly restrict file size during this process.
SR-A102969 · Issue 273954
XSS security update for error.jsp
Resolved in Pega Version 7.3
The error.jsp file has been updated for better XSS security with WebSphere and Firefox.
SR-A80436 · Issue 278157
Federated Case Management GetNextWork function resolved
Resolved in Pega Version 7.3
When an operator had Work Basket configured with Federated Case Management, the Get Next Work function generated an error. This was due to the GNW settings from the operator IDs of the 'remote' systems not being correctly respected, and has been resolved.
SR-A80436 · Issue 278967
Federated Case Management GetNextWork function resolved
Resolved in Pega Version 7.3
When an operator had Work Basket configured with Federated Case Management, the Get Next Work function generated an error. This was due to the GNW settings from the operator IDs of the 'remote' systems not being correctly respected, and has been resolved.
SR-A83892 · Issue 264462
CreateOperator parameter added to HaveAttachmentSpecificAccess RUF
Resolved in Pega Version 7.3
The HaveAttachmentSpecificAccess RUF has been updated to better handle custom 'when' rules for restricting the ability to delete an attachment. To support cases where only the operator who attached the file has permission to delete it, the pxCreateOperator parameter has been added to the attachment page for use in checking whether the creator of the attachment is the current user.
SR-A96514 · Issue 275326
Updated encryption logic for URL obfuscation
Resolved in Pega Version 7.3
If URL obfuscation was enabled and the incoming URL had non-ASCII characters (or UNICODE) characters in it, the encryption process was failing due to the incorrect length of byte array formation in padding logic. This logic error has been corrected.
SR-A97323 · Issue 266550
XSS filtering added to pzDisplayModalDialog
Resolved in Pega Version 7.3
XSS filtering has been added to the pzDisplayModalDialog to improve security.
SR-B10347 · Issue 279670
Attachment icons display correct type
Resolved in Pega Version 7.3
The attachment icon was not reflecting the attachment type. This was caused by an error in the pzWorkAttachmentIcon control which caused the File name to be passed as empty, resulting in a failure to fetch the correct image name. This has been fixed.
SR-B10406 · Issue 279344
Custom operator images work in IE
Resolved in Pega Version 7.3
Custom operator images (using pxOperatorImage control) were not properly displayed in the Internet Explorer browser. This was traced to a malformed URL generated by the pxOperatorImage control, and has been fixed.