glide.ui.concourse.onmessage_enforce_same_origin_whitelist

ServiceNow property description:

List of trusted origins we allow to propagate messages (sent via window.postMessage) in the UI. Origins must be separated by a comma, line breaks can negatively affect page rendering.

Attributes

  • Sys ID: 9850fac573612300d68ed5fdbdf6a73c
  • Type: string
  • Application: Global
  • Default value: nan
AI Logo

AI generated property description:

The ServiceNow property `glide.ui.concourse.onmessage_enforce_same_origin_whitelist` is used to specify a list of trusted origins that are allowed to propagate messages sent via `window.postMessage` in the UI. This property enhances security by ensuring that only messages from specified, trusted origins are accepted, thereby preventing potential cross-origin scripting attacks. The origins must be listed in a comma-separated format, and it is important to avoid line breaks as they can negatively impact page rendering. This property is particularly useful in scenarios where cross-origin iframe communication is necessary, but security needs to be maintained. Proper configuration of this whitelist ensures that only authorized sources can interact with the ServiceNow instance through postMessage.

Source

Related property: glide.ui.concourse.onmessage_enforce_same_origin