instance security hardening - glide.security.url.whitelist - need details for this system property

sri_
Tera Contributor

glide.security.url.whitelist - created this system property (snapshot attached) to check its nature of operation but turned out as a fail. When logout from the admin user or a newly created user from the PDI, its not working as expected (enforces validation on logout page). Its redirecting to this page 'https://devXXXXXX.service-now.com/navpage.do'. But, the whitelist doesn't contain this URL. I wonder where it goes wrong. It would be great if someone expert in this could help out. And also if its working, like throwing error or blocking the redirect to malicious site, how to handle it. Thanks.

3 REPLIES 3

Sarah Wood
Administrator
Administrator

Hi there - I would recommend posting in the Platform Privacy & Security forum to get a response there. In the meantime, the following product documentation may be helpful for you: 

URL allow list for logout redirects (instance security hardening)

Multi-SSO (SAML 2.0) errors and fixes

Redirect single sign-on (SSO) logins

 

sri_
Tera Contributor

Thanks for your guidance. I appreciate it.

sri_
Tera Contributor

Thanks for you guidance. I appreciate it.