SN System Properties Reference
Property reference

glide.security.use_csrf_token

The glide.security.use_csrf_token property enables the use of a secure token for validating incoming requests. This helps prevent cross-site request forgery attacks, making it crucial for maintaining application security.

Default: true Type: boolean Application: Global

Key questions about this property

The answers below summarize the purpose, scope, default effect, and review scenarios for this property.

What does it do? It configures the system to require a secure token for incoming requests, enhancing protection against CSRF attacks.
What area does it affect? Security and Request Validation
What does the default mean? The default value is "true", which means this behavior is enabled by default.
When should you review it? Review this property when assessing application security measures or during security audits.

Out of the box property record

Raw metadata from the property record.

Property name glide.security.use_csrf_token
Sys ID f9f03ca50a0a0bb5658db64889d967cb
Type boolean
Application Global
Default value true
Description Enable usage of a secure token to identify and validate incoming requests. This token is used to prevent cross site request forgery attacks.
Updated 2024-05-25 04:30:29

Sources

Official references and nearby text excerpts where this property appears.

Documentation excerpt View supporting context
Context preview Snippet 1
... instance user. With the help of social engineering attacks, a user can submit a malformed request on behalf of the attacker on the instance. Either update the value of the glide.security.use_csrf_token system property to true OR insert this system property with a value of true. Documentation sn_SE10206 1 Suggest Optional: CSRF Strict Validation should be enabled Cross site Request Forgery is ...
Documentation excerpt View supporting context
Context preview Snippet 2
... false for upgraded instances • Location: For new instances, this property is available on the System Property [sys_properties] table. For upgrades, Add the property to the System Property [sys_properties] table. glide.security.use_csrf_token Enables usage or a secure token to identify and validate incoming requests. This token is used to prevent Cross Site Request Forgery (CSRF) attacks. For more information, see Enable Anti-CSRF ...
Documentation excerpt View supporting context
Context preview Snippet 3
... in an authenticated user. This property enables usage of a secure token to identify and validate incoming requests. This token is used to prevent cross site request forgery attacks. If glide.security.use_csrf_token is not set to the recommended value of true, then CSRF is possible. • Old description: Cross-Site Request Forgery (CSRF‎ is an attack that forces authenticated users to submit a ...
Documentation excerpt View supporting context
Context preview Snippet 4
... form select Open in CMDB Workspace to view CI health in the CI Health tile in CMDB Workspace. This operation requires the sn_cmdb_user (CMDB user) role. Note: ◦Ensure that the glide.security.use_csrf_token property is set to true, allowing all results to appear. ◦When Level is set to Up to 2nd level relationships, the relationship type does not appear in the query results. ...
Additional source link Another external reference for this property
Open reference