Post upgrade to London, have you ever faced issues with new client side scripts that uses DOM objects like document.getElementByID, gel or jQuery or prototype or window objects and they are not working in Service Now? Of course using these methods are not a best practice recommendation but there are cases where you cannot avoid them due to unavailability of OOB methods. I have seen many users stuck with this issue, Unfortunately you wont find much documentation about it.
With London, new client side scripts are executed in strict mode which means you cannot run scripts that contains any of the above mentioned objects. Service Now has introduced a new field labelled "Isolate script" on all client side scripts like Client scripts, UI Policies, UI Actions, Catalog Client Scripts, Catalog UI Policies and it is set to TRUE for all new configurations. If you want to get your script running, you need to change its value to FALSE. This field is not displayed on form but you can add it on form or list layout and then update.
For example, I need to write a new client side script to hide attachments completely on my incident form for specific role users. I could use g_form.disableAttachments() but it would only hide the attachment paper clip icon and not the actual attachment files on the incident. I would need to write some DOM manipulation script to achieve this requirement. I have written the following onLoad() client script but somehow it is not working for me.
You could see the Isolate script is set to TRUE by default, this script would only execute if I uncheck the Isolate script or make it to FALSE and this applies to all types of client side scripts. For all existing configurations before London (both OOB & custom), Service Now has set the Isolate script to False so it wont impact any of your existing scripts. For all new configurations that were introduced as part of London(or future releases), the Isolate script is set to True.
The Isolate script disables this feature on script basis but if you need to disable it completely, then you should create a new system property on sys_properties table with name as "glide.script.block.client.globals", Type as true/false and set its value to false. This will disable the security feature for all scripts in the global scope. The property name vary for scoped applications with an addition of scope name as its prefix. For eg sn_customerservice.glide.script.block.client.globals would be the property name used for Customer Service application.
Related Knowledge Article - KB0694479
22 Comments
