Require authorization for RSS requests [Updated in Security Center 1.3]

  • 릴리스 버전: Australia
  • 업데이트 날짜 2026년 03월 12일
  • 소요 시간: 2분

    • Use the glide.basicauth.required.rss property to designate if incoming RSS requests should require basic authentication.

    More information

    경고:
    This is a safe harbor property, meaning the value can't be altered once it's changed. It is non-revertible.
    Attribute Description
    Property name glide.basicauth.required.rss
    Configuration type System Properties (/sys_properties_list.do)
    Category API and web service
    Purpose To enforce basic authentication on RSS requests.
    Recommended value true
    Security risk rating 7.5
    Functional impact This remediation enforces a combination of authentication methods, in the form of basic authentication and system level access control.
    • It performs this authentication while processing RSS requests on the instance.
    • It restricts any guest users who are currently accessing this data. If applicable, you may need to create a new account for users who need access to this content, with necessary access control permissions.

    To learn more, see RSS feed generator.
    Security risk (High) Without appropriate authorization configured on the incoming RSS requests, an unauthorized user can get access to sensitive content/data on the target instance.
    References

    RSS basic authentication