SN System Properties Reference
Property reference

com.glide.csp.self_script_src_svg

The com.glide.csp.self_script_src_svg property prevents SVG files from accessing external scripts. This enhances security by mitigating potential vulnerabilities associated with SVG file handling, making it crucial for administrators to monitor and adjust as needed.

Default: true Type: boolean Application: Global

Key questions about this property

The answers below summarize the purpose, scope, default effect, and review scenarios for this property.

What does it do? This property is a boolean setting that, when enabled, restricts SVG files from loading external scripts, thereby improving application security.
What area does it affect? Security and Content Security Policy
What does the default mean? The default value is "true", which means this behavior is enabled by default.
When should you review it? Review this property when assessing security configurations or during security audits.

Out of the box property record

Raw metadata from the property record.

Property name com.glide.csp.self_script_src_svg
Sys ID f6a043b353133010e5f7ddeeff7b127a
Type boolean
Application Global
Default value true
Description Prevent SVG files from accessing external scripts
Updated 2024-05-25 04:07:40

Sources

Official references and nearby text excerpts where this property appears.

Documentation excerpt View supporting context
Context preview Snippet 1
... Triggers are created after LLM topics are published during the NLU to LLM topic migration workflow. • Type: true | false • Default: true • Location: System Property [sys_properties] table com.glide.csp.self_script_src_svg WHen enabled, prevents malicious file attachments that store cross site scripting (XSS) attacks from running in an instance. For more information, see Set safe content security policy for SVG files ...
Documentation excerpt View supporting context
Context preview Snippet 2
... (Medium‎ References High Security Settings To learn more about adding or creating a system property, see Add a system property . Set safe content security policy for SVG files The com.glide.csp.self_script_src_svg property adds the script-src none directive to the HTTP Content-Security-Policy header when Scalable Vector Graphics (SVGs‎ are accessed through the Translation Memory Index (IIX‎ file extension. The com.glide.csp.self_script_src_svg system property ...
Additional source link Another external reference for this property
Open reference