side effects to turn on glide.ui.security.allow_codetag

georgechen · ‎06-11-2017

Hey folks,

I was wondering if any side effects to turn on glide.ui.security.allow_codetag in Istanbul patch 5 release. Based on the Audit Compliance recommendations, the default setting on this option is on, please refer to Search

however, none of the finding at my end has found it has a negative impact to the instance ?

Would anyone advise ?

Thanks in advance.

georgechen · ‎01-31-2018

Hi Giri,

The impact of disabling glide.ui.security.allow_codetag that I am aware of is that the html tag will not take effect any more but showing as plain text. e.g if you had <a href='https://www.google.com'>Click here to open Google</a>. It displays literally the text "<a href='https://www.google.com'>Click here to open Google</a>", instead of hyperlink of 'Click here to open Google'

Thanks,

abdul guelzim · ‎10-31-2018

This also impacts the ability to attach KBAs to a ticket form that have rich text. Is there any remedy to that while keeping glide.ui.security.allow_codetag setting to 'No'?

guythatusesserv · ‎08-24-2023

I know this is an old post, but it came up in search, so I thought I'd share a couple of affected items in case others need to know.

1. MS Teams integration. The MS Teams integration writes HTML to the work notes fields that is illegible if this property is set to false. We opened a support ticket and the answer is basically, yep, either set the property to true or have poorly formatted notes from MS Teams. See image.

2. Discovery logs - Discovery does certain logs to journal fields that are not very legible. We set the property to true in our dev environment so the Discovery team is able to easily understand the notes from Discovery.