Script sandbox environment

  • Release version: Zurich
  • Updated May 5, 2026
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Script sandbox environment

    The script sandbox environment in ServiceNow provides a restricted execution context for running untrusted, client-generated scripts on the server. When scripts are sent to the server, a server-side evaluator determines if they are trusted. Trusted scripts run in the normal JavaScript engine, while untrusted scripts run within the sandbox environment to enhance security.

    Show full answer Show less

    Untrusted scripts typically originate from client input such as filter or query parameters in URLs or through system APIs like AJAXEvaluate. The sandbox restricts these scripts to prevent unauthorized actions, such as database modifications or calling unapproved APIs.

    Key Restrictions in the Sandbox

    • Only business rules marked Client callable and script includes marked Sandbox enabled can be executed.
    • Data modification operations (insert, update, delete) are disallowed; for example, calls like current.update() are ignored.
    • Certain direct database access APIs are blocked.
    • Script includes marked as Glide AJAX enabled are not accessible within the sandbox starting with the Xanadu release.

    Script Sandbox Evaluators

    From the Zurich Patch 9 release onward, two evaluators enforce different restriction levels on untrusted scripts:

    • Guarded script evaluator: Enforces strict security by supporting only a limited domain-specific language (DSL) subset of JavaScript and rejecting incompatible scripts. It fully enforces guest transactions and varies evaluation based on instance type for authenticated users.
    • Script sandbox evaluator: Allows more JavaScript features but restricts API usage to prevent unsafe operations.
    Characteristic Guarded script evaluator Script sandbox evaluator
    Purpose Enhanced security with restricted scripting language. Prevents unsafe script execution by limiting APIs.
    JavaScript support Single simple expression/function call; limited APIs. Supports most JavaScript except for restricted APIs/methods.
    When it runs Untrusted scripts without guarded-script exemption. Scripts with guarded-script exemption or during detection phase for authenticated users.
    Script includes Run outside sandbox in application scope. Run outside sandbox in application scope.

    Practical Implications for ServiceNow Customers

    This sandbox environment protects your instance from potentially harmful client-generated scripts by restricting their capabilities and API access. When dealing with untrusted scripts, expect limited database interaction and controlled API usage to maintain security and stability. Understanding these evaluators helps you manage script trust levels and compliance with ServiceNow’s security model, especially when upgrading releases or developing client-server integrations.

    The script sandbox environment is a restricted execution context in which untrusted, client-generated scripts run on the server using one of two evaluators: the guarded script evaluator or the script sandbox evaluator.

    Script sandbox environment overview

    When a script is sent to the server, a server-side script evaluator determines whether the script is trusted. Trusted scripts run in the JavaScript engine. Untrusted scripts run in the restricted sandbox environment instead.

    Note:
    The sandbox does not apply to script includes, which run in the application scope outside of the sandbox, or to client-side scripts.
    Untrusted scripts are client-generated and sent to the server for evaluation in the following ways:
    • Filter or query parameters: Filter and query parameters in URLs can send scripts to the server with HTTP requests, such as when a logged-out user follows a link containing a javascript: filter parameter.
    • System APIs: The AJAXEvaluate API call allows the client to run arbitrary scripts on the server and receive a response.
    Within the sandbox, the following restrictions apply to scripts:
    • Only business rules marked Client callable can be called.
    • Only script includes marked Sandbox enabled can be called.
    • Certain API calls, mostly limited to ones dealing with direct database access, aren’t allowed.
    • Data can’t be inserted, updated, or deleted from within the sandbox. For example, any calls to current.update() are ignored.
    Note:
    Beginning with the Xanadu release, script includes marked as Glide AJAX enabled (previously named Client callable) aren’t accessible within the sandbox. Only those marked Sandbox enabled are available within the sandbox. When upgrading to the Zurich release from the Washington DC release or earlier, any script includes marked as Client callable are also marked as Sandbox enabled.

    Script sandbox evaluators

    Beginning with the Zurich Patch 9 release, the sandbox uses two evaluators to enforce different levels of restrictions:

    • Guarded script evaluator: Enhances instance security by supporting only a restricted scripting language and rejecting untrusted scripts that are incompatible. Guest transactions are fully enforced immediately. Scripts sent by authenticated users are evaluated differently depending on the instance type.
    • Script sandbox evaluator: Helps prevent executing untrusted scripts on an instance by limiting the APIs available to scripts.
    Table 1. Comparison of the guarded script evaluator and script sandbox evaluator
    Characteristic Guarded script evaluator Script sandbox evaluator
    Purpose Provides enhanced security for scripts that run in the sandbox. Uses a domain-specific language (DSL) that permits only a small set of JavaScript features. Supports additional JavaScript but restricts certain APIs for scripts.
    JavaScript support Only a single simple expression or function call and only certain APIs. Features supported by the JavaScript engine except for certain API and method restrictions.
    When it runs Evaluates untrusted scripts that haven't been granted a guarded-script exemption. Evaluates untrusted scripts under the following conditions:
    • A script has been granted a guarded-script exemption (manually or automatically).
    • When guarded script is in Phase 1: Detection, and a script is sent to the server by an authenticated user.
    Script includes Not applicable: script includes run outside the sandbox in the application scope Not applicable: script includes run outside the sandbox in the application scope

    For details about each evaluator, including JavaScript restrictions, see the following topics and the Server-Side Sandbox Runtime Replacement [KB2944435] article on the Now Support Knowledge Base.