com.glide.csp.self_script_src_svg

ServiceNow property description:

Prevent SVG files from accessing external scripts

Attributes

  • Sys ID: f6a043b353133010e5f7ddeeff7b127a
  • Type: true | false
  • Application: Global
  • Default value: true
AI Logo

AI generated property description:

The ServiceNow property `com.glide.csp.self_script_src_svg` is designed to enhance security by preventing SVG files from accessing external scripts. According to the documentation, enabling this property ensures that the `script-src` directive in the Content Security Policy (CSP) for SVG files is set to 'self'. This means that only scripts from the same origin as the SVG file are allowed to execute, thereby mitigating the risk of cross-site scripting (XSS) attacks. This property is particularly useful in environments where SVG files are used and there is a need to control and restrict the execution of potentially harmful external scripts. By default, this property is set to false, and administrators can enable it to enforce stricter security measures.

Source

Related property: com.glide.cs.end_chat_msg