How to remove the HTML tag in the List?
Sometimes we need to use HTML fields or our customers add a HTML in your own list, in fact when we're using a HTML field in the some module like incident, request or a custom module and in the list HTML tags is displayed our user experience is depreciated, i'm facing this customer behavior for several years and i'm writing this to rember and discuss IF you would like to.
I'm using this example to illustrate what happens, How the screen looks like:
What is expected:
How to Configure:
| Image | Description |
 | 01. Elevate Roles |
 | 02. Select the checkbox "security_admin" and click OK |
 | 03. sys_properties.list |
 | 04. filter glide.ui.escape_html_list_field property |
 | 05. Update value = false |
| 06. | |
| 07. |
WHAT YOU NEED TO KNOW (Implications of Change):
The glide.ui.escape_html_list_field property has a recomendable value that need to be considered folowing the best practices described in "High Security Settings" for Escape HTML for HTML fields in a list view.
- Default value: Yes
- Instance Security Hardening Settings: Escape HTML (instance security hardening)
The system property glide.ui.escape_html_list_field escapes HTML for HTML fields in a list view. HTML is one of the types that can be assigned to the dictionary fields. Assigning "HTML" fields to any field type provides functionality to the user to format the content using HTML codes (for example, <p>,<a href>,<b>,<font>,<img> etc.). When you see the table list (for example, /problem_list.do) or view the list of records, these HTML formatted fields may appear if that column is selected in a list view and if this property is set to false. A malicious user can inject HTML code within the form field to execute unwanted scripts on different client/user sessions. It is recommended to set this property to true so that HTML escaping is performed before the records/fields are rendered in the browser when the table is displayed as a list view.
reference: Escape HTML, Escape HTML should be enabled, Why is unfiltered output dangerous?
ALSO when we're talking about list
- Use the record number or other unique information as the first column. Do not use a reference field as the first column. Clicking a reference value opens the referenced record, not the record that references it.
- Do not display HTML, long string or journal fields, or other overly complex fields in list views.
- Limit the number of columns to prevent horizontal scrolling.
- Review the list controls and list UI actions to understand which users have access to the related operations.
- For performance reasons, consider limiting the number of records that a list can show per page. Users can use the title menu to Show more or fewer records per page. The available values are 10, 15, 20, 50, and 100, by default. Keep in mind that lists displaying more rows per page load more slowly. This is most noticeable when a form contains related lists with many records.
- To change the available rows per page options, navigate to System Properties > System and locate the property 'Items per page' drop-down options (comma separated, no spaces). Enter the values you want to make available to users.
Conteúdos Servicenow em Português
.
