Sandbox

Australia API Reference

Release

australia

ft:locale

ko-KR

ft:publication_title

Australia API Reference

ft:clusterId

crapiref

bundleId

crapiref

workflow

Creator

Script sandbox

릴리스 버전: Australia

업데이트 날짜 2026년 03월 12일

소요 시간: 6분

The script sandbox is an environment with restricted rights in which client-generated scripts run when they’re made available to the script sandbox.

The script sandbox helps prevent unauthorized or unauthenticated users from executing privileged script on your instance. There are two cases that allow the client to send scripts to the server for evaluation (client-generated scripts).

Filters or queries: It’s legal to send a filter to the server such as: assigned_to=javascript:getMyGroups().
System API: The API call AJAXEvaluate allows the client to run arbitrary scripts on the server and receive a response.

The script being evaluated via either of these two entry points runs within a reduced-rights sandbox with the following characteristics:

Only those business rules marked Client callable are available within the sandbox.
Only script includes marked Sandbox enabled are available within the sandbox.
Certain API calls (largely but not entirely limited to ones dealing with direct database access) aren’t allowed.
Data can’t be inserted, updated, or deleted from within the sandbox. Any calls to current.update(), for example, are ignored.

주:

Beginning with the Xanadu release, script includes marked as Glide AJAX enabled (previously named Client callable) aren’t accessible within the sandbox. Only those marked Sandbox enabled are available within the sandbox. When upgrading to the Australia release from the Washington DC release or earlier, any script includes marked as Client callable are also marked as Sandbox enabled.

Restricted methods with the script sandbox

These methods aren’t supported in client-generated scripts in the script sandbox.

주:

The GlideSystem (gs) methods log(), logError(), and logWarning() can be enabled with script sandboxing by setting the glide.security.sandbox_no_logging system property to false.

표 1. Restricted methods
Class	Method
GlideRecord	deleteMultiple() deleteRecord() getRowCount() insert() update() updateMultiple()
GlideSystem (gs)	addErrorMessage() addInfoMessage() addMessage() eventQueue() flushMessages() getEscapedProperty() getProperty() log() logError() logWarning() setProperty() setRedirect() setReturn() workflowFlush()
ScopedGlideRecord	deleteMultiple() deleteRecord() insert() update() updateMultiple()
ScopedGlideSystem (gs)	addErrorMessage() addInfoMessage() debug() eventQueue() executeNow() getProperty() getSessionToken() info() setRedirect()
GlideDate GlideDateTime GlideTime	add() addDays() addDaysLocalTime() addDaysUTC() addMonthsLocalTime() addMonths() addSeconds() addWeeks() addYears() compareTo() getByFormat() getDate() getDayOfWeek() getDayOfWeekUTC getDayOfWeekLocalTime() getDayOfMonth() getDayOfMonthLocalTime() getDayOfMonthNoTZ() getDayOfWeek() getDayOfWeekLocalTime() getDayOfWeekUTC() getHourOfDayLocalTime() getHourOfDayUTC() getDaysInMonth() getDaysInMonthUTC() getDaysInMonthLocalTime() getDisplayValueInternal() getDisplayValue() getHourLocalTime() getLocalDate() getLocalTime() getMinutesLocalTime() getMinutesUTC() getMonthLocalTime() getMonthNoTZ() getMonthUTC() getNumericValue() getSeconds() getTime() getTZOffset() getValue() getYear() getUserTimeZone() getWeekOfYearLocalTime() getWeekOfYearUTC() getYearUTC() getYearLocalTime() isDST() onOrAfter() onOrBefore() setDayOfMonthUTC() setDisplayValue() setMonth() setNumericValue() setTZ() setValue() setValueUTC() subtract() toString()
GlideSchedule	add() isInSchedule() Load() whenNext()