Notifications

51 views

Symptoms


When using Internet Explorer to access ServiceNow, some reports on a Homepage will not load.

Release


All

Cause


The system property 'glide.ui.escape_text' is most likely set to false. ServiceNow recommends this property be kept to the OOB value of true in order to prevents reflected and stored cross-site scripting attacks.

This issue stems from the query being used by the reports, which likely contain special characters such as <>!= that are not being escaped properly. The reason why this issue only occurs in IE is due to a difference in behavior between browsers. While Chrome and Firefox have built-in preventative measures which will handle the issue more elegantly, IE will throw an error when it encounters un-escaped characters which in turn breaks the report functionality. Note that this only affects graphical reports (line, pie, etc.). List reports should still work regardless of the property value.

Resolution


Set the system property 'glide.ui.escape_text' to true.

Additional Information


Documentation:

- High Security Settings | https://docs.servicenow.com/bundle/kingston-platform-administration/page/administer/security/concept/c_HighSecuritySettings.html

Article Information

Last Updated:2018-08-09 15:16:34
Published:2018-08-09