When modifying a Knowledge Article in Smart IT, the following error appears:

Error - "ServiceException: System has identified malicious content in the payload"

This is caused by the stored Cross-Site Scripting (XSS) protection for Knowledge Articles. The error can be reproduced on demand by adding JavaScript, or the following sample code, to the Source view while creating a Knowledge Article:

Sample Code:
<p> </p> <rt autofocus="" oncopy="alert(2)" style="display:block" tabindex="1" value="XSS"><strong>test </strong></rt> <p> </p>

When reviewing the Smart IT debug logs for the article that is erroring out, you will see entries similar to the following log snippet:

c981537d7fd | ERROR | c.b.bsm.myitsm.util.JSOUPCleaner | Unsafe tag : font attribute is: color="#000000" for element <font class="fnt2" color="#000000" size="2" style="color: rgb(0, 0, 0);"><strong>Description:</strong><br> <font class="fnt3" color="#000000" size="3" style="color: rgb(0, 0, 0);"><font color="#000000" style="color: rgb(0, 0, 0); font-family: Calibri; font-size: 8pt;">

The JSOUPCleaner is marking a number of tags as unsafe, which results in the "ServiceException: System has identified malicious content in the payload" error message. Note that the element flagged in this log entry is an ordinary <font> tag carrying a color attribute, not script: the cleaner treats any tag or attribute that is outside its allow-list as unsafe, so legitimate formatting (for example, content pasted from a rich-text editor) can trigger the same error as the XSS sample above.
This is related to new functionality introduced in Smart IT 20.08: the Centralized Configuration (CCS) parameter 'jsoupEnabledUrlsForKnowledge'. This setting is enabled by default. When enabled, the Jsoup clean filter is applied while creating and updating a Knowledge Article. The filter checks the article's tags and attributes and flags them as unsafe unless those tags are whitelisted in the "jsoupWhiteListedTags" parameter.

To disable the 'jsoupEnabledUrlsForKnowledge' setting, perform the following steps:

1) Log in to ITSM -> AR System Administration -> Centralized Configuration.
2) Open Component Type "com.bmc.arsys.smartit".
3) Look for the Setting Name "jsoupEnabledUrlsForKnowledge" and delete the default setting value of "knowledge/all,knowledge/create" (the setting value will then be blank/empty).
4) Click Apply.
5) Test and validate that the error is no longer generated.

Be aware that clearing this parameter switches off the stored XSS check for Knowledge Articles entirely. If you would like to keep the Jsoup cleanup on Knowledge Articles, add the legitimate tags that are being flagged (for example, the <font> tag from the log above) to the "jsoupWhiteListedTags" parameter and re-enable the setting above; this keeps the protection against event-handler attributes such as the oncopy="alert(2)" in the sample code while allowing the formatting your articles actually use.

You can find more details about these new CCS parameters here: https://docs.bmc.com/docs/smartit2008/setting-configuration-parameters-for-smart-it-928591394.html Look under 'Configuration to pass the tags of knowledge articles'.
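The following is an added example, not BMC's JSOUPCleaner code, showing how the Jsoup library itself treats the two fragments from this article: the oncopy payload and the harmless <font> markup from the debug log. It assumes jsoup 1.15 or later (the Safelist API) and uses Jsoup's built-in relaxed() safelist as a stand-in baseline; the allow-list Smart IT actually applies is governed by the jsoupWhiteListedTags parameter, and the class and method names below are the example's own. It demonstrates why whitelisting the flagged tag is preferable to disabling the filter: the font markup passes once <font> and its attributes are allowed, while the event-handler payload is still rejected.

```java
import org.jsoup.Jsoup;
import org.jsoup.safety.Safelist;

public class KnowledgeArticleJsoupCheck {

    // Constructed input 1: the XSS sample from the article (an <rt> element
    // carrying an oncopy event handler). Any sane cleaner must reject this.
    static final String XSS_PAYLOAD =
        "<p> </p> <rt autofocus=\"\" oncopy=\"alert(2)\" style=\"display:block\" "
      + "tabindex=\"1\" value=\"XSS\"><strong>test </strong></rt> <p> </p>";

    // Constructed input 2: the harmless <font> markup seen in the debug log.
    // Nothing executable here, but <font>, color="" and style="" are not in
    // Jsoup's built-in safelists, so the cleaner still flags it.
    static final String FONT_MARKUP =
        "<font class=\"fnt2\" color=\"#000000\" size=\"2\" style=\"color: rgb(0, 0, 0);\">"
      + "<strong>Description:</strong><br></font>";

    // Assumed baseline: Jsoup's built-in relaxed() safelist. In Smart IT the
    // real allow-list comes from the jsoupWhiteListedTags CCS parameter.
    static Safelist baseline() {
        return Safelist.relaxed();
    }

    // Baseline plus the tag and attributes the log complained about. This is
    // the programmatic equivalent of whitelisting <font> rather than switching
    // the filter off with jsoupEnabledUrlsForKnowledge.
    static Safelist withFontWhitelisted() {
        return Safelist.relaxed()
            .addTags("font")
            .addAttributes("font", "class", "color", "size", "style");
    }

    // True when every tag and attribute in the fragment is allowed, i.e. the
    // cleaner would leave it unchanged; false means the article would be
    // rejected as containing malicious content.
    static boolean passesCleaner(String html, Safelist safelist) {
        return Jsoup.isValid(html, safelist);
    }

    // What the cleaner would keep after stripping disallowed tags/attributes.
    static String cleaned(String html, Safelist safelist) {
        return Jsoup.clean(html, safelist);
    }

    public static void main(String[] args) {
        System.out.println("XSS payload, baseline:         " + passesCleaner(XSS_PAYLOAD, baseline()));
        System.out.println("XSS payload, font whitelisted: " + passesCleaner(XSS_PAYLOAD, withFontWhitelisted()));
        System.out.println("font markup, baseline:         " + passesCleaner(FONT_MARKUP, baseline()));
        System.out.println("font markup, font whitelisted: " + passesCleaner(FONT_MARKUP, withFontWhitelisted()));

        // Show what survives: the oncopy handler and the <rt> wrapper are
        // removed, the <strong> text is kept.
        System.out.println("cleaned XSS payload: " + cleaned(XSS_PAYLOAD, withFontWhitelisted()));
        System.out.println("cleaned font markup: " + cleaned(FONT_MARKUP, withFontWhitelisted()));
    }
}
```

Compile with the jsoup jar on the classpath. The font markup is rejected by the baseline safelist and accepted once <font> and its attributes are whitelisted, whereas the oncopy payload is rejected in both configurations because <rt> and on* event attributes are never added to the allow-list; the cleaned output shows the handler stripped while the visible text survives. When adding entries to jsoupWhiteListedTags, whitelist only the formatting tags and attributes your articles need, and never event-handler attributes or script-capable tags.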