Issue
When opening the email client, the FROM and/or RELPY TO fields display the instance's email address with unicode escaped "<" and ">" characters. Example:
- FROM: ServiceNow Dev <example@service-now.com>
Instead of:
- FROM: ServiceNow Dev <example@service-now.com>
Release
Madrid, New York.
Cause
The 'glide.ui.escape_text' system property is set to FALSE.
- As per the High Security Settings documentation, the property above should be TRUE by default.
"The property glide.ui.escape_text Escape XML values at the parser level for the user interface. Prevents reflected and stored cross-site scripting attacks. Default: Yes"
Resolution
Set the 'glide.ui.escape_text' property to TRUE (requires the security_admin role).
Related Links
Additional details can be found in the High Security Settings documentation.