glide.ui.escape_all_script

ServiceNow property description:

Forces all scripts injected in Jelly to be escaped by default. Use noesc: to preserve special characters.

Attributes

  • Sys ID: 3e7fde301b111000b4a49e3bcc0713f5
  • Type: true | false
  • Application: Global
  • Default value: true
AI Logo

AI generated property description:

The ServiceNow property `glide.ui.escape_all_script` ensures that all scripts injected in Jelly are escaped by default, enhancing security by preventing the execution of potentially harmful scripts. This property mitigates the risk of cross-site scripting (XSS) attacks by treating script content as plain text rather than executable code. If there is a need to preserve special characters within the script, the `noesc:` directive can be used to bypass the default escaping behavior. This approach provides a balance between security and flexibility, allowing developers to selectively enable script execution where necessary. The documentation emphasizes the importance of this property in maintaining a secure environment by controlling how scripts are handled within Jelly templates.

Source

Related property: glide.html.escape_script