Thank you for your feedback.
Form temporarily unavailable. Please try again or contact to submit your comments.

Script includes

Log in to subscribe to topics and get notified when content changes.

Script includes

Script includes are used to store JavaScript that runs on the server.

Create script includes to store JavaScript functions and classes for use by server scripts. Each script include defines either an object class or a function.

Consider using script includes instead of global business rules because script includes are only loaded on request.

Script include form

Script includes have a name, description and script. They also specify whether they are active or not, and whether they can be called from a client script.

To access script includes, navigate to System Definitions > Script Includes.
Table 1. Script include form
Field Description
Name The name of the script include. If you are defining a class, this must match the name of the class, prototype, and type. If you are using a classless (on-demand) script include, the name must match the function name.
Client callable Makes the script include available to client scripts, list/report filters, reference qualifiers, or if specified as part of the URL.
Application The application where this script include resides.
Accessible from
Sets which applications can access this script include:
All application scopes
Can be accessed from any application scope.
This application scope only
Can be accessed only from the current application scope.
Active Enables the script include when selected. Uncheck the active field to disable the script include.
Description Provides descriptive content regarding the script include.
Script Defines the server side script to run when called from other scripts.

The script must define a single JavaScript class or a global function. The class or function name must match the Name field.

Package The package that contains this script include.
Created by The user who created this script include.
Updated by The user who most recently updated this script include.
Protection policy
Sets the level of protection for the script include:
Allows anyone to read and edit this downloaded or installed script include.
Allows anyone to read values from this downloaded or installed script include. No one can change script values on the instance on which they download or install the script include.
Provides intellectual property protection for application developers. Customers who download the script include cannot see the contents of the script field. The script is encrypted in memory to prevent unauthorized users from seeing it in plain text.
Related lists on the form view:
Versions Shows all versions of the script include. Use this list to compare versions or to revert to a previous version. See Versions.

Use script includes

Script includes are found under System Definition or System UI. You can call existing script includes from a script.

To create an entirely new script include, you can follow the format of any of the existing script includes. In the example, the name of your Script Include is 'NewInclude' and there is a single function called 'myFunction.' It is important that the name of the script include match the name of the class, prototype, and type. When you create a new script include and give it a name, the system provides you a code snippet with the class and prototype set up properly.

var NewInclude =Class.create();
   initialize :function(){},
   myFunction :function(){//Put function code here},
   type :'NewInclude'};

You could then use the 'myFunction' line like this:

var foo =new NewInclude();
Note: Try not to modify a ServiceNow supplied script include. If you want a script include that does something similar to an existing one, copy it and make changes to the copy or consider extending the object. This is a common practice when using GlideAjax.

Privacy settings

The privacy setting for a client-callable script-include can be public or private. Most client-callable script-includes are marked private by default.

The private privacy-setting means that guests who access public pages cannot access the client-callable script-include. A private script cannot be executed by a non-logged-in user.

A public privacy-setting means that the client script can be executed by non-logged-in users that create an appropriate HTTP request. This can create a security problem if the client script provides confidential information.

The following script includes remain public by default because public pages need to access them:
  • GlideSystemAjax
  • SysMessageAjax
  • KnowledgeMessagingAjax
  • KnowledgeAjax
  • PasswordResetAjax

Change privacy on all client-callable script includes

How to change the privacy on all client-callable script includes.

To provide further control over all client-callable script includes, administrators can add the property glide.script.ccsi.ispublic. This property changes the visibility of client-callable script includes by making them all public or private. Configure the property as follows:

Table 2. Configure property
Title Property
Name glide.script.ccsi.ispublic
Type true|false
Value false
Figure 1. Client-callable script includes public property

Change privacy on a single client callable script include

Change the privacy setting for a single client-callable script include by adding the isPublic() function.

The isPublic() setting takes precedence over the glide.script.ccsi.ispublic property. For example, if the property is set to false making all client-callable script-includes private, and a script sets isPublic() to true, the script is public.

To change the privacy for a single client-callable script include, add the following method to the script include:

An example to make the client script NewInclude private.
var NewInclude =Class.create();
   myFunction:function(){//Put function code here},
   isPublic:function(){return false;},