Specify excluded attachment file types (instance security hardening)
When the exclusion list validation is enabled in the ServiceNow AI Platform, use the glide.attachment.blacklisted.types property to create a comma-delimited list of restricted uploadable file types. Uploading of the specified file types is restricted.
Prerequisites
Set this property before setting the glide.security.attachment_type.use_blacklist property to true. To learn more, see Enable blacklist for attachments.
More information
| Attribute | Description |
|---|---|
| Property name | glide.attachment.blacklisted.types |
| Configuration type | System Properties (/sys_properties_list.do) |
| Configure in Instance Security Center | Yes |
| Purpose | Restrict upload (Insert/Write/Update) operation of attachments with questionable file types. Example : text/html. |
| Recommended value | Some Defined File Types (For example: text/html,text/csv). |
| Functional Impact | No functionality impact unless there is an attempt to upload any file type that is specified under this property. |
| Security risk | (Medium) A malicious user can upload malware infected attachment with common executable file types. |
| Workaround | Properties are available in base system functionality that address the same issue with inclusion listing rather than with exclusion listing. To learn more, see: |
To learn more about adding or creating a system property, see Add a system property.