Join the #BuildWithBuildAgent Challenge! Get recognized, earn exclusive swag, and inspire the ServiceNow Community with what you can build using Build Agent.  Join the Challenge.

Issue with HTML field – users can’t update values (Zurich release)

Go to solution
Joatan Fontoura
Tera Guru

‎10-24-2025 11:07 AM

Hi everyone,

I’m facing an issue with an HTML-type field in one of my tables. Non-admin users — who have access to the table and its fields — are unable to insert values into this field when creating a new record, or update it in existing records.

At first, I suspected it was related to ACLs. So, I created an ACL with the “create” operation for this specific field, and then users were able to insert values during record creation. However, when I created a similar ACL with the “write” operation, it didn’t work — users still can’t update the field value afterward.

What’s strange is that this field belongs exclusively to this table, which rules out the possibility of inheriting ACLs from a parent table.

Is there any known restriction or security behavior that applies specifically to HTML fields by default in ServiceNow?

One more detail: I have the same table and field in another instance running Xanadu, and the issue does not occur there. The problem happens only in an instance running Zurich.

Thanks in advance for any insights!

Labels:
0 Helpfuls
  • 1,399 Views
2 ACCEPTED SOLUTIONS

Go to solution
Mani23
Giga Guru

‎10-27-2025 02:08 AM - edited ‎10-27-2025 05:28 AM

Hi Joatan,

I guess it is because of 'Scripting Governance Tool' which is part of Zurich release. It happens to HTML fields as it is possible to use script tag.

 

Please check the below article
https://www.servicenow.com/community/servicenow-ai-platform-articles/why-your-admins-can-t-script-po...

https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB2538150

https://www.servicenow.com/docs/bundle/zurich-platform-security/page/administer/security/concept/scr...

 

Best Regards,

Mani

View solution in original post

Go to solution
Ankita Sharma
Tera Expert

‎10-30-2025 10:26 PM

Hi Joatan,

In the Zurich upgrade, a new field type ACL is introduced for HTML fields (*.[html]).
This ACL is associated with a specific role that’s linked to the Conditional Script Writer group.

As a result, users who are not part of this group will be unable to view HTML-type fields on forms.

To resolve the issue, simply add the affected users to the Conditional Script Writer group. Once added, they’ll be able to see the HTML fields as expected.

If my response helped, please mark it as correct.

Regards

Ankita

View solution in original post

6 REPLIES 6

Go to solution
Joatan Fontoura
Tera Guru

‎10-31-2025 08:28 AM

@Mani23 and @Ankita Sharma, you are right! It's happening because Scripting Governance Tool. When I added the users to the group Conditional Script Writer - that contains the role "snc_required_script_writer_permission" - they were able to write on HTML field. Thank you!

Go to solution
Feiry
Tera Contributor

a week ago

There is another solution, as adding users to the Conditional Script Writer group might be the best option based on the priviliges that come with the role associated to the group. You can create deny unless ACLs for the concerned fields with the appropriated role, this will solve this issue.

0 Helpfuls