INC-144591 · Issue 601614
Oauth and beanutils jars upgraded
Resolved in Pega Version 8.3.5
The third party Oauth2 jars and commons-beanutils jar have been updated to the latest versions.
INC-134808 · Issue 590713
Property check handling updated for Ajax requestor
Resolved in Pega Version 8.3.5
SECU0001 alerts were seen when submitting a case in the interaction portal. Logging indicated the errors were related to the 'pxRequestor.pyLatitude' and 'pxRequestor.pyLongitude' properties which are included in an Ajax request when they exist in the DOM and the 'pyGeolocationTrackingIsEnabled' when rule is true. The error was traced to a condition where a new thread request results in an unexpected property check that encounters a clipboard which doesn't have any pages created for that thread. To resolve this, the 'pxRequestor.pyLatitude' and 'pxRequestor.pyLongitude' properties have been added to an allow list to handle the unexpected properties check.
INC-140101 · Issue 597636
System will attempt to decrypt data ending in "+"
Resolved in Pega Version 8.3.5
Encrypting and decrypting one specific email address was not working properly when showing on the UI. It was possible to force a decryption using decryptproperty, but Pega generated an error. This was due to the actual encrypted value ending with '+', which conflicted with a system check that skips decryption if the encrypted property value ends with + . To resolve this, the system will attempt to decrypt the property even when encryptedText ends with + .
INC-137874 · Issue 599130
Cross-site scripting update for Dev Studio
Resolved in Pega Version 8.3.5
Cross Site Scripting (Cross-site scripting) protections have been added to Developer Studio.
INC-139705 · Issue 595169
Documentation update for Security Settings for DX API
Resolved in Pega Version 8.3.5
Information on the pyDXAPIEncodeValues application setting has been added to the Security Settings for DX API article under the Application settings sub-section. The Pega Platform version that supports the pyDXAPIEncodeValues application setting is mentioned in the Supported UI capabilities article.
INC-148154 · Issue 602921
Hot Fix Manager updated to use installation order for schema import
Resolved in Pega Version 8.3.5
Schema changes were not being imported during the hot fix manager DL import process. Investigation showed this was due to hotfixes in the DL being iterated over from newest to oldest, causing older hotfixes to replace the value added to a map by the newer. To resolve this, the system has been updated to use hotfix install order, which considers selected and dependent hotfixes, rather than ordering newest to oldest. This ensures that newer table representations will override older rather than the other way around.
INC-144399 · Issue 599715
Custom dropdown controls updated for classnames
Resolved in Pega Version 8.3.5
After upgrade, a customized format for Dropdowns was not picked up. This was due to recent changes made to Class name attributes to ensure they are populated for all controls, and was caused by the CSS selector not picking the necessary DOM element. This has been resolved.
INC-136793 · Issue 585605
Updates made to display busy indicator correctly in Google Chrome 84
Resolved in Pega Version 8.3.5
The Pega busy indicator was not displaying correctly in Google Chrome 84 due to changes in that browser. The needed updates have been made to adjust for these changes.
INC-143795 · Issue 599474
Acdatasource_driver call updated
Resolved in Pega Version 8.3.5
When Acdatasource_driver was invoked directly, an exception was generating indicating "This activity may not be called directly from input". This was related to recent refactoring work done, and has been resolved by modifying the code to call the acdatasource_driver activity through pzRunActionWrapper.
INC-138309 · Issue 591150
Added busy state reset to reenable buttons after custom frame cancel
Resolved in Pega Version 8.3.5
When using a custom iFrame in a section that called a third-party URL, clicking on cancel for the popup "Do you want to stay on this page or leave it?" caused the screen to freeze. This was traced to the cancellation of the dirty page setting a busy state which disabled all the buttons and did not have a path to recovery. This has been resolved by updating the busy state so it will reset when the user chooses to cancel the changes and reenable all the buttons.