Learn how to configure the glide.translated_html.sanitize_all_fields property to the secure value to ensure that all translated_html elements are sanitized with an HTML sanitizer.

When the glide.translated_html.sanitize_all_fields property is set to true, all translated_html elements are sanitized with an HTML sanitizer. If the property is set to false, only elements with the dictionary attribute html_sanitize set to true will be sanitized. This sanitization helps prevent attackers from embedding malicious content that could lead to cross-site scripting (XSS) attacks.
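The rule above, modelled as an added example (not ServiceNow code): given the property value and a constructed export of dictionary rows, it lists the translated_html fields that would be left unsanitized. The function names and sample rows are hypothetical; the code assumes attributes are stored as comma-separated name=value pairs, matches them case-insensitively, and treats a missing property as the documented default of true.

```javascript
'use strict';

// Parse a dictionary "attributes" string.
// Assumption: comma-separated name=value pairs, matched case-insensitively.
function parseAttributes(attrs) {
  const out = {};
  for (const part of String(attrs || '').split(',')) {
    const [key, ...rest] = part.split('=');
    if (key.trim()) {
      out[key.trim().toLowerCase()] = rest.join('=').trim().toLowerCase();
    }
  }
  return out;
}

// Return "table.column" for every translated_html field that would NOT be
// sanitized under the given property value.
// Assumption: a missing property falls back to the documented default (true).
function unsanitizedFields(propertyValue, dictionaryRows) {
  const sanitizeAll =
    propertyValue == null || String(propertyValue).trim().toLowerCase() === 'true';
  if (sanitizeAll) return []; // every translated_html element is sanitized
  return dictionaryRows
    .filter((r) => r.internal_type === 'translated_html')
    .filter((r) => parseAttributes(r.attributes).html_sanitize !== 'true')
    .map((r) => `${r.name}.${r.element}`);
}

// Constructed sample rows (hypothetical custom tables, not from a real instance).
const SAMPLE_ROWS = [
  { name: 'u_faq', element: 'u_answer', internal_type: 'translated_html', attributes: 'html_sanitize=true' },
  { name: 'u_notice', element: 'u_body', internal_type: 'translated_html', attributes: '' },
  { name: 'u_notice', element: 'u_footer', internal_type: 'translated_html', attributes: 'html_sanitize=false, foo=bar' },
  { name: 'u_notice', element: 'u_title', internal_type: 'string', attributes: '' },
];

for (const value of ['true', 'false']) {
  console.log(`sanitize_all_fields=${value}:`, unsanitizedFields(value, SAMPLE_ROWS));
}
```

With the property set to false, only the field that carries html_sanitize=true stays protected; the other two translated_html fields are reported as exposed.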

More information

Attribute: Description
Configuration name: glide.translated_html.sanitize_all_fields
Configuration type: System Properties (/sys_properties_list.do)
Data type: Boolean
Recommended value: true
Default value: true
Category: Validation, sanitization, and encoding
Security risk:
  • Severity score: 4.6
  • CVSS score: Medium
  • Security risk details: If this property is not set to the secure value of true, not all HTML elements are sanitized, which increases the likelihood of a bad actor embedding malicious content in a field.
Dependencies and prerequisites: None
Functional impact: Allows customers to access any table information if the widget is set to public and included in the property's value.