Skip to main content

Resolved Issues

View the resolved issues for a specific Platform release.

Go to download resolved issues by patch release.

Browse release notes for a selected Pega Version.

NOTE: Enter just the Case ID number (SR or INC) in order to find the associated Support Request.

Please note: beginning with the Pega Platform 8.7.4 Patch, the Resolved Issues have moved to the Support Center.

SR-131072 · Issue 203709

Requestor token creation added for PRExternal authentication

Resolved in Pega Version 7.1.9

When using a PRExternal authentication scheme, the csrfsession requestor token was not created. This caused a heavy volume of INFO logging messages in production due to the null token. This authentication path has now been added and the token will be correctly created for use.

SR-131691 · Issue 202207

Improved performance for incorrect password handling

Resolved in Pega Version 7.1.9

When the operator entered the wrong password in the login screen, numerous "Stream Overwritten" alerts appeared the Alert log. There was no workflow problem involved, but the logging indicated that there was an additional unnecessary call being made to Stream Web-Login, and that unneeded call has been removed to improve system performance and remove the error being logged.

SR-A4056 · Issue 211550

Corrected validation error for Extract rule field length

Resolved in Pega Version 7.1.9

A validation error noting that the field length of the table was limited to 30 characters was occurring when trying to check in an Extract rule even if the field value had been shortened. While checking in the extract rule, a block of code in the Rule-Utility-Function validateTreeProperties was recomputing the pagelist's table name instead of using the one provided by the user. The Rule-Utility-Function validateTreeProperties function has been modified to fix the issue.

INC-128533 · Issue 588007

Property check handling updated for Ajax requestor

Resolved in Pega Version 8.6

SECU0001 alerts were seen when submitting a case in the interaction portal. Logging indicated the errors were related to the 'pxRequestor.pyLatitude' and 'pxRequestor.pyLongitude' properties which are included in an Ajax request when they exist in the DOM and the 'pyGeolocationTrackingIsEnabled' when rule is true. The error was traced to a condition where a new thread request results in an unexpected property check that encounters a clipboard which doesn't have any pages created for that thread. To resolve this, the 'pxRequestor.pyLatitude' and 'pxRequestor.pyLongitude' properties have been added to an allow list to handle the unexpected properties check.

INC-130703 · Issue 597254

Operator provisioning on authentication service corrected

Resolved in Pega Version 8.6

When operator provisioning was triggered on user login via authentication service, the error "ModelOperatorName is not valid. Reason: declare page parameters not supported by PropertyReference" was generated. This was traced to optimization work that had been done on the expression evaluation for operator identification, and has been resolved by adding the required GRS Syntax support in the Operator Provisioning section in SAML and OIDC.

INC-133518 · Issue 592228

Context updated for IACAuthentication activity trace

Resolved in Pega Version 8.6

After upgrade, tracing the IACAuthentication activity was not working. Investigation showed that the context object had a null tracer value, which has been resolved by updating the system so the tracer runs with the correct context.

INC-134808 · Issue 590712

Property check handling updated for Ajax requestor

Resolved in Pega Version 8.6

SECU0001 alerts were seen when submitting a case in the interaction portal. Logging indicated the errors were related to the 'pxRequestor.pyLatitude' and 'pxRequestor.pyLongitude' properties which are included in an Ajax request when they exist in the DOM and the 'pyGeolocationTrackingIsEnabled' when rule is true. The error was traced to a condition where a new thread request results in an unexpected property check that encounters a clipboard which doesn't have any pages created for that thread. To resolve this, the 'pxRequestor.pyLatitude' and 'pxRequestor.pyLongitude' properties have been added to an allow list to handle the unexpected properties check.

INC-137709 · Issue 584981

New security role added to restrict access to development-specific classes

Resolved in Pega Version 8.6

A new security role and related RAROs have been implemented to allow better security for end users on non-BAC systems. This restricts access to Rules and execution of activities on classes that are development-specific.

INC-137873 · Issue 596157

Java injection security updated

Resolved in Pega Version 8.6

Protections have been updated against a Java injection.

INC-137874 · Issue 599128

Cross site scripting update for Dev Studio

Resolved in Pega Version 8.6

Cross Site Scripting (XSS) protections have been added to Developer Studio.

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us