Enforce relative links

  • Release version: Australia
  • Updated March 12, 2026
  • 1 minute to read

    • Use the glide.cms.catalog_uri_relative property to enforce relative links from the URI parameter on /ess/catalog.do.

    The glide.cms.catalog_uri_relative system property enforces relative links from the URI parameter on /ess/catalog.do. If glide.cms.catalog_uri_relative is not set to the recommended value of true, then the URL isn't sanitized with the enforceRelativeURL(url) function.

    Note:
    This property impacts the legacy Content Management System (CMS) which has been replaced with Service Portal.

    Ensure that the property glide.cms.catalog_uri_relative is set to true.

    More information

    Attribute Description
    Configuration name glide.cms.catalog_uri_relative
    Configuration type System Properties (/sys_properties_list.do)
    Data type Boolean
    Recommended value true
    Default value <none>
    Fallback value false
    Category Validation, sanitization, and encoding
    Security risk
    • Severity score: 2.6
    • CVSS rating: Low
    • Security risk details: Absolute URLs can pose a security risk when used as a part of parameter or a field value, thus redirecting the source page to an adversary-controlled website.
    Functional impact This remediation enforces validation on Catalog page such that only Relative URLs are permitted. Existing links to external web applications become broken.
    Dependencies and prerequisites None