- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
If the "glide.ui.concourse.onmessage_enforce_same_origin_whitelist" property value is empty, does this mean that no origins have access or any origins have access?
Thanks,
Jay
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Hi @jalwine ,
When the glide.ui.concourse.onmessage_enforce_same_origin_whitelist property in ServiceNow is empty, it means no origins are allowed. In other words, messages from any origins or embedded frames will be blocked unless their origin is explicitly listed...
How It Works:
This system property acts as a whitelist for cross origin iframe communication. If left blank, everything is denied only origins specified in the list are permitted to communicate with ServiceNow via postMessage or OpenFrame.
____________________________________________________________________________________________________
If you found my response helpful, please mark it as ‘Accept as Solution’ and ‘Helpful’. This helps other community members find the right answer more easily and supports the community.
Kaushal Kumar Jha - ServiceNow Consultant - Lets connect on Linkedin: https://www.linkedin.com/in/kaushalkrjha/
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
As per documentation, you need to enable this property to allow the cross-origin communication between iframes. See 'Functional Impact' section, it means the content is not allowed if not defined in the property.
If this helped to answer your query, please mark it helpful & accept the solution.
Thanks,
Bhuvan
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Hi @jalwine ,
When the glide.ui.concourse.onmessage_enforce_same_origin_whitelist property in ServiceNow is empty, it means no origins are allowed. In other words, messages from any origins or embedded frames will be blocked unless their origin is explicitly listed...
How It Works:
This system property acts as a whitelist for cross origin iframe communication. If left blank, everything is denied only origins specified in the list are permitted to communicate with ServiceNow via postMessage or OpenFrame.
____________________________________________________________________________________________________
If you found my response helpful, please mark it as ‘Accept as Solution’ and ‘Helpful’. This helps other community members find the right answer more easily and supports the community.
Kaushal Kumar Jha - ServiceNow Consultant - Lets connect on Linkedin: https://www.linkedin.com/in/kaushalkrjha/
