Require authorization for XML output requests [Updated in Security Center 1.3]

Watch

Save as PDF

Share this page

Feedback

HomeVancouver Platform securityPlatform SecurityHardening settingsAPI and web serviceRequire authorization for XML output requests [Updated in Security Center 1.3]

Table of Contents

Require authorization for XML output requests [Updated in Security Center 1.3]

Release version:
Vancouver
Yokohama
Xanadu
Washington DC
UpdatedFeb 1, 2024
1 minute read

Vancouver
Now Platform Security

The Vancouver release is no longer supported. As such, the product documentation and release notes are provided for informational purposes only, and will not be updated.

Configure this property so that basic authorization is required for all inbound XMLOutputProcessor requests.

If the glide.basicauth.required.xmloutputprocessor property is not set to the recommended value of true, then basic authorization is not required for inbound XMLOutputProcessor requests which could lead to unauthenticated information disclosure from the instance.

Warning: This is a safe harbor property, meaning the value can't be altered once it's changed. It is non-revertible.

More information

Search:


Attribute	Description
Configuration name	glide.basicauth.required.xmloutputprocessor
Configuration type	System Properties (/sys_properties_list.do)
Data type	boolean
Recommended value	true
Default value	true
Category	API and web service
Security risk	Severity score: 7.5 CVSS score: High Security risk details: Not setting the property to the recommended value of true could lead to sensitive information being leaked from the instance.
Dependencies and prerequisites	None

Vancouver Platform security

Filters

Versions

Products