Display recommendations for high risk UI pages
Decrease the likelihood of authorization errors, and unintended information disclosure by displaying recommendations for high risk UI pages.
Use the glide.script.ui_page.customer_scoped.security_msgs_enabled system property to determine whether to display security recommendations to users configuring UI pages when:
- An ACL is missing
- GlideRecord/GlideDBQuery APIs are used instead of GlideRecordSecure
- the page is configured as public in the "sys_public" table
When the property is enabled, recommendations when the preceding conditions are met, decreasing the likelihood of authorization errors, and helping prevent unintended information disclosure.
Set the system property glide.script.ui_page.customer_scoped.security_msgs_enabled to true to display these recommendations.
More information
| Attribute | Description |
|---|---|
| Technical configuration name |
glide.script.ui_page.customer_scoped.security_msgs_enabled |
| Plugin applicability | None |
| Security risk | Setting this system property to false increase the likelihood of authorization errors, and unintended information disclosure. |
| Common Vulnerability Scoring System (CVSS) score | 5.3 |
| Common Vulnerability Scoring System (CVSS) rating | Medium |
| Functional impact | Displays security recommendations to users configuring UI pages. |
| Dependencies and prerequisites | None |
| Data type | Boolean |
| Base system value | true |
| Fallback value | true |
| Recommended value | true |
To learn more about adding or creating a system property, see Add a system property.