Catalog Client Scripts rules

The below table shows the list of ServiceNow catalog client scripts rules that are checked by Quality Clouds.

See the  for designing and implementing client scripts.


Description

Severity

Area of impact

Possible extra-sensitive PII usage in configuration element - GenderHighSecurity
Possible extra-sensitive PII usage in configuration element - ReligionHighSecurity
Possible use of private dataWarningSecurity
Possible PII usage in configuration element - NationalityWarningSecurity
Possible PII usage in configuration element - AddressWarningSecurity
Possible PII usage in configuration element - EmailWarningSecurity
Possible PII usage in configuration element - PassportWarningSecurity

JavaScript - Avoid use of Function Constructors

High

Security

JavaScript - Avoid use of WebDB

High

Security

JavaScript - Avoid use of debugger statementsHighSecurity
JavaScript - Avoid unrestricted targetOrigin on cross-domain messagingHighSecurity
JavaScript - Avoid making connections on unsafe protocolsWarningSecurity
JavaScript - Avoid use of Eval functionHighSecurity
Javascript - Avoid use of alert functionLowScalability
Javascript - Avoid use of local storage on Client ScriptsHighSecurity
JavaScript - Optimize LoopsWarningPerformance
JavaScript - Use === comparisonWarningManageability
Catalog Client Scripts with hard-coded sys_idsMediumManageability
Document Object Model (DOM) manipulation in Catalog Client ScriptsHighManageability
Synchronous AJAX call in Catalog Client ScriptsHighPerformance
Catalog Client Scripts should not use unsupported scripting APIsHighManageability
Catalog Client Scripts with the console.log debugging methodMediumPerformance
GlideRecord usage on Catalog Client ScriptsHighPerformance
Catalog Client Scripts with empty script fieldLowPerformance
Catalog Client Scripts without functionMediumScalability
Modified Out of the Box ElementWarningScalability




Last modified on Jun 3, 2020