SR-A19297 · Issue 237347
Added ability to set custom HTTP security headers
Resolved in Pega Version 7.2.1
XSS protections were interfering with the ability to set custom HTTP headers. To enable this, the system will use dynamic system settings from http/responseHeaders and add them to every HTTP response.
SR-A19351 · Issue 238052
Caching added to improve login speed
Resolved in Pega Version 7.2.1
In order to improve login performance, caching has been added for the following classes accessed from the database on every login: DATA-ADMIN-SECURITY-AUTHSERVICE DATA-BROADCAST DATA-ADMIN-SECURITY-KEYSTORE
SR-A19495 · Issue 237132
Request Only' I/O timeouts updated for Connect HTTP
Resolved in Pega Version 7.2.1
The Request Only checkbox option on Connect HTTP rules is intended to optimize IO latency for fire-and-forget use cases. The code that implements the connector was performing a full request/response HTTP call, even when the Request Only option had been selected. This sometimes caused long IO delays in the connectors. This update leverages the ability of the HTTP client to set a socket read timeout value on the response coming back from the server, which has now been set to 1 millisecond (zero milliseconds is not an option) in the cases when the Request Only feature has been enabled on the connector rule. The HTTP socket connection will time out immediately after the request message has been sent and eliminate any overhead of consuming the HTTP response data. Any connection failures will still be reported as exceptions.
SR-A19503 · Issue 240455
Added configuration field for SOAP response without credentials
Resolved in Pega Version 7.2.1
The system was having difficulty processing a SOAP response if the service did not return an authentication header in the SOAP envelope. This happened when connecting to a SOAP service configured with ws-security username policy which sends only the username but not the password in the SOAP envelope. To correct this, the setting options.setProperty(com.pega.apache.ws.security.handler.WSHandlerConstants.ALLOW_USERNAMETOKEN_NOPASSWORD, "true"); has been added; this option is specific to a connector and is available on the ws-security profile rule form to configure the setting based on the site's SOAP service username policy.
SR-A19539 · Issue 239366
Email listener updates related to DSS settings
Resolved in Pega Version 7.2.1
When sending email with .txt, .png, .docx, or other attachments, the file attachment name was not inlining with other attachment names in the body. This has been fixed. In addition, text attachment names were not listed in the attachments list if DSS was set. The code has now been modified to add the attachment name irrespective of the DSS setting.
SR-A19551 · Issue 240032
LightweightList disabled for dynamic ObjClass + blob
Resolved in Pega Version 7.2.1
If the ObjClass was a property, UseLightWeightList was checked, and the page property .ActivityStatus (data access = Manual) was put in the query to get the blob, Obj-Browse failed with "The property .ActivityStatus was of mode Page List while Read-Only Virtual List.initialize was expecting String mode". Prior to this fix, useLightWeightList was disabled only when the pxObjClass was constant. Since dynamic ObjClass cannot determine the property mode, LightWeightList will be disabled in this scenario to avoid this error.
SR-A19705 · Issue 246975
Hash table logic fixed for invokeMQConnector
Resolved in Pega Version 7.2.1
Logic issues were found and fixed related to hashtable usage for invokeMQConnector.
SR-A19858 · Issue 236943
Dialogue handling updated for WS-Security Profile password
Resolved in Pega Version 7.2.1
The presentation format for the password field of the WS-Security Profile outflow page has been changed to no longer display the password in the clear in any resulting dialogue.
SR-A19871 · Issue 237975
MS Transport supports Global Resource Settings
Resolved in Pega Version 7.2.1
Documentation indicated that the JMS Transport data instance supported GRS syntax, but attempting to do so generated an error. That support is now available as indicated.
SR-A19972 · Issue 238961
Expanded search re-indexing submit methods
Resolved in Pega Version 7.2.1
When creating an index in the 7 series, the Search Landing Page for indexing did not indicate that the page needed to be submitted to enable the indexes before attempting to start the re-indexing process. An error was thrown in the tracer, but nothing was displayed on-screen to indicate why the system hadn't started indexing. To ensure the expected results, the indexing will begin after the "Submit" button is clicked or if the enable indexing check box has been checked to indicate the system has permission to start indexing without having an explicit submit.