You are viewing the documentation for Blueriq 13. Documentation for other versions is available in our documentation directory.
Subject | JAVA Property | Explanation | |
---|---|---|---|
Security | blueriq.security.click-jacking-protection.enabled | Turning clickjack protection on/off. For more information go to Security: Clickjacking protection |
|
blueriq.security.click-jacking-protection.content-security-policy.default-src | Set the location where content can be loaded from, if no more specific value (for example font for where fonts can be loaded from) is given there is a fallback to this value. For more information see Security: Clickjacking protection. |
| |
blueriq.security.click-jacking-protection.content-security-policy.script-src | Set the location where scripts can be loaded from. For more information see Security: Clickjacking protection. |
| |
blueriq.security.click-jacking-protection.content-security-policy.style-src | Set the location where stylesheets can be loaded from. For more information see Security: Clickjacking protection. |
| |
blueriq.security.click-jacking-protection.content-security-policy.font-src | Set the location where fonts can be loaded from. For more information see Security: Clickjacking protection. |
| |
blueriq.security.csrf-protection.enabled | Turning Cross Site Request Forgery protection on/off. For more information go to Security: Cross-site scripting protection |
| |
blueriq.security.strict-transport-protection.enabled | Turning strict transport protection protection on/off. For more information go to Security: HTTP Strict Transport Security |
| |
blueriq.security.x-content-type-protection.enabled | Turning x-content type protection protection on/off. For more information go to Security: Content sniffing protection |
| |
blueriq.security.xss-protection.enabled | Turning cross site scripting protection protection on/off. For more information go to Security: Cross-site scripting protection |
| |
blueriq.security.xss-protection.header.enabled | Turns the X-XSS-Protection HTTP header on/off. |
| |
blueriq.security.xss-protection.request-validation.enabled | Turns cross site scripting validator filter on request body on/off. |
| |
blueriq.security.xss-protection.blacklist.enabled | Turns the XSS blacklist on/off. |
| |
blueriq.security.xss-protection.whitelist.enabled | Turns the XSS whitelist on/off. |
| |
blueriq.security.xss-protection.whitelist.allowed-protocols=http,https | Sets the whitelisted protocols in URI attributes. |
| |
blueriq.security.xss-protection.whitelist.allowed-tags=b,img | Sets the whitelisted HTML tags. |
| |
blueriq.security.xss-protection.whitelist.allowed-global-attributes=class,title | Sets the whitelisted attributes allowed on any whitelisted HTML tag. |
| |
blueriq.security.xss-protection.whitelist.allowed-attributes.<tag>=<attr1>,<attr2> | Sets the whitelist attributes allowed on a specific whitelisted HTML tag |
| |
blueriq.security.xss-protection.whitelist.uri-attributes.<tag>=<attr1>,<attr2> | Marks which attributes are URI attributes and are subject to the allowed protocols rule. In Java, URI attributes can be defined per tag. In .NET, URI attributes can be defined only globally. |
| |
blueriq.security.xss-protection.whitelist.max-loop-count=5 | Defines a limit on the number of sanitization iterations. | ||
blueriq.security.http.restricted-methods=head,options | Specifies the methods that should not be allowed while doing HTTP calls. For more information go to Security: Block HTTP Methods |
| |
blueriq.security.http.interactions.enabled | This property if true enables the default secured access to the runtime interactions. |
| |
blueriq.security.auth-providers.ldap01.url | |||
blueriq.security.login-type | Defines the login type used in Blueriq. Possible values: form-login, openid-connect, kerberos. This property is not mandatory and default value is form-login. If openid-connect is chosen, openid-connect properties have to be defined as well. |
| |
blueriq.security.redirect-url-whitelist | Defines a whitelist of URLs where the user can be redirected to. If the redirect_uri (for OpenIdConnect login/logout) or the error-redirect (for render document/page and file download) are not in this list, the Runtime will return 400. If the list is empty, any URL is accepted. |
| |
blueriq.security.keystore.location | The path to the keystore file to be used as repository for security certificates |
| |
blueriq.security.keystore.password | The password of the keystore |
| |
blueriq.security.truststore.location | The path to the trust store containing the public keys/certificates of external hosts that should be trusted |
| |
blueriq.security.truststore.password | The password for the truststore file. |
| |
blueriq.security.bcrypt-strength | Defines the BCrypt strength for password hashing. BCrypt is the default encoder in Blueriq. Default value : 10 Applicable values : number between 4-30 Performance impact The higher the number the higher the hashing complexity but also the work to calculate the hash. Each increment is twice as much work. Introduced in version 12.13 |
| |
blueriq.security.session-fixation-protection.enabled | Turns session fixation on/off. For more information, see Security: Session Fixation protection Default value: false Introduced in 13.13.18 |
|