Adding link in the worknotes using servicenow api

Nowshad · ‎10-05-2018

Hi,

I am new to this community and new to SNOW. We are using servicenow API to create a RITM after completing some automated tasks. There is a client requirement to add the KB article as a link in a worknotes of a RITM. We are using the html tags <a> href </a> between [code] [/code].

After sending the request, we can see the whole text including tags in the worknotes and not as link.

Can anyone please help us to resolve this ASAP. Attached the code we are using.

- Nowshad

Ahmmed Ali · ‎10-05-2018

Hello,

Here is the comment i got from another thread in community.

Whenever you add the code tags in notes field, be mindful of any security implications, depending on how tight security is within your organization. See below

2.6 Allow Embedded HTML Code

The glide.ui.security.allow_codetag property disables support for embedding HTML code by using the [code] tag. ServiceNow mitigates many injection and cross-site attacks by implementing escaping and encoding techniques. As a result, users cannot write/submit HTML formatted inputs for journal fields. But, journal fields have the ability to render text enclosed within code tags as HTML.

There is an associated security risk. If the glide.ui.security.allow_codetag property is set to true, any malicious user can write harmful HTML JS code that may be executed on a different client browser after the journal fields are rendered.

ServiceNow Security recommends setting this property to false so that administrators can prevent journal fields from rendering HTML code by disabling support for the [code] tag.

https://community.servicenow.com/community?id=community_question&sys_id=c2820721dbd8dbc01dcaf3231f961993

Thanks,

Ali

If I could help you with your Query then, please hit the Thumb Icon and mark my answer as Correct!!

Thank you,
Ali