Subject | JAVA Property | Explanation | Type | Default |
|
---|
Security
| blueriq.security.click-jacking-protection.enabled |
Turning Turn clickjack protection on/off. For more information go to Security: Clickjacking protection.
| Boolean | true | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.click-jacking-protection.content-security-policy.default-src | Set the location where content can be loaded from, if no more specific value (for example font for where fonts can be loaded from) is given there is a fallback to this value. For more information see Security: Clickjacking protection. | String | 'self' | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.click-jacking-protection.content-security-policy.script-src | Set the location where scripts can be loaded from. For more information see Security: Clickjacking protection. | String | 'self' | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.click-jacking-protection.content-security-policy.style-src | Set the location where stylesheets can be loaded from. For more information see Security: Clickjacking protection. | String | 'self' | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.click-jacking-protection.content-security-policy.font-src | Set the location where fonts can be loaded from. For more information see Security: Clickjacking protection. | String | 'self' | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.click-jacking-protection.content-security-policy.img-src | Set the location where images can be loaded from. For more information see Security: Clickjacking protection. | String | 'self' | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.click-jacking-protection.content-security-policy.frame-ancestors | Set the valid parent hosts that may embed Blueriq using <frame>, <iframe>, <object>, <embed> or <applet>. For more information see Security: Clickjacking protection. Available since Blueriq 14.4. Note that Content Security Policy is not supported by Internet Explorer, so this setting will not have an effect on users that still use Internet Explorer. | String | 'self' | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.csrf-protection.enabled |
Turning Turn Cross Site Request Forgery protection on/off. For more information go to Security: Cross-site scripting protection.
| Boolean | true | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.strict-transport-protection.enabled |
Turning strict transport protection protection on/offEnables HTTP Strict Transport Security (HSTS). For more information go to Security: HTTP Strict Transport Security.
| Boolean | false | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.x-content-type-protection.enabled |
Turning x-content type protection protection on/offAdd the X-Content-Type-Options header to responses to protect against MIME type sniffing. For more information go to Security: Content sniffing protection.
| Boolean | true | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.xss-protection.enabled |
Turning Turn cross site scripting protection protection on/off. For more information go to Security: Cross-site scripting protection.
| Boolean | true | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.xss-protection.header.enabled |
Turns Turn the X-XSS-Protection HTTP header on/off. | Boolean | true | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.xss-protection.request-body-validation.enabled |
Turns cross site scripting validator filter on request body on/off. | Enable the X-XSS-Protection on request body. | Boolean | true | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.xss-protection.request-parameter-validation.enabled | Enable the X-XSS-Protection on request parameters. | Boolean | true | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.xss-protection.request-url-validation.enabled | Enable the X-XSS-Protection on request url. | Boolean | true | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.xss-protection.multipart-request-validation.enabled | Enable the X-XSS-Protection on multipart request. | Boolean | true | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.xss-protection.blacklist.enabled |
Turns Turn the XSS blacklist on/off. | Boolean | true | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.xss-protection.whitelist.enabled |
Turns Turn the XSS whitelist on/off. | Boolean | true | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.xss-protection.whitelist.allowed-protocols |
=http,httpsSets Set the whitelisted protocols in URI attributes. Example value: 'http,https,mailto' | Comma separated string | empty | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.xss-protection.whitelist.allowed-tags |
=b,imgSets Set the whitelisted HTML tags. Example value: 'b,img' | Comma separated string | empty | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.xss-protection.whitelist.allowed-global-attributes |
=class,titleSets Set the whitelisted attributes allowed on any whitelisted HTML tag. Example value: 'class,title' | Comma separated string | empty | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.xss-protection.whitelist.allowed-attributes.<tag> |
=<attr1>,<attr2>Sets Set the whitelist attributes allowed on a specific whitelisted HTML tag. Example key: 'blueriq.security.xss-protection.whitelist.allowed-attributes.h1' Example value: 'class' | Key: string Value: comma separated string | empty | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.xss-protection.whitelist.uri-attributes.<tag>=<attr1>,<attr2> |
Marks Mark which attributes are URI attributes and are subject to the allowed protocols rule. In Java, URI attributes can be defined per tag. In .NET, URI attributes can be defined only globally. | Key: string Value: comma separated string | empty | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.xss-protection.whitelist.max-loop-count |
=5Defines Define a limit on the number of sanitization iterations. | Integer | 5 | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.xxe-protection.enabled | Enable XML External Entity (XXE) protection. | Boolean | true | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.xxe-protection.disallow-doctype-decl | Disallow doctype declaration processing in XML-files. Protection is enabled when set to: true. | Boolean | true | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.xxe-protection.load-external-dtd | Enable loading external DTDs in XML-files. Protection is enabled when set to: false. | Boolean | false | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.xxe-protection.external-general-entities | Enable processing external general entities in XML-files. Protection is enabled when set to: false. | Boolean | false | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.xxe-protection.external-parameter-entities | Enable processing external parameter entities in XML-files. Protection is enabled when set to: false. | Boolean | false | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.xxe-protection.xinclude-aware | Enable processing of XML Inclusions (XInclude) in XML-files. Protection is enabled when set to: false. | Boolean | false | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.xxe-protection.expand-entity-references | Enable expansion of entity references in XML-files. Protection is enabled when set to: false. | Boolean | false | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.http.restricted-methods |
=head,optionsSpecifies Specify the methods that should not be allowed while doing HTTP calls. |
For more information go to Security: Block HTTP Methods. Example value: 'head,get,post,options' | Comma separated string | empty | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.http. |
interactionsruntime.enabled | This property if true enables the default secured access to the runtime interactions. | Boolean | true | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.login-type | Defines the login type used in Blueriq. |
Possible values: form-login, openid-connect, kerberos. This property is not mandatory and default value is form-login. If If openid-connect is chosen, openid-connect properties have to be defined as well. | One of: - 'form-login'
- 'openid-connect'
- 'kerberos'
| 'form-login' | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.redirect-url-whitelist |
Defines Define a whitelist of URLs where the user can be redirected to. If the redirect_uri (for OpenIdConnect login/logout) or the error-redirect (for render document/page and file download) are not in this list, the Runtime will return 400. This list is case sensitive. If the list is empty, any URL is accepted up to version 14.x. From 15.0 onwards, no URLs are accepted when an empty list is provided. | Comma separated list | empty | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.keystore.location | The path to the keystore file to be used as repository for security certificates. | Spring Resource | empty | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.keystore.password | The password of the keystore. | String | empty | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.keystore.default-certificate | Default certificate used to verify signatures when no KeyInfo is provided in the request. | String | empty |
|
blueriq.security.truststore.location | The path to the trust store containing the public keys/certificates of external hosts that should be trusted. | Spring Resource | empty | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.truststore.password | The password for the truststore file. | String | empty | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.truststore.default-certificate | Default certificate used to verify signatures when no KeyInfo is provided in the request. | String | empty |
|
blueriq.security.bcrypt-strength |
Defines Define the BCrypt strength for password hashing. BCrypt is the default encoder in Blueriq. |
Default value : 10
number number between 4-31 Info |
---|
| The higher the number the higher the hashing complexity but also the work to calculate the hash. Each increment is twice as much work. |
Introduced in version 12.13. | Integer | 10 | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.session-fixation-protection.enabled | Turn session fixation on/off. For more information, see Security: Session Fixation protection. Introduced in versions 14.11, 13.13.18 and 12.13.39. | Boolean | true | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.cors.enabled | Enable response headers related to Cross-Origin Resource Sharing. When disabled, the Same-origin policy implemented in web browsers does not allow scripts with a different origin to call Runtime endpoints. This is the secure default. | Boolean | false | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.cors.allowed-origins | Specify origins for the Access-Control-Allow-Origin response header. | Comma separated string | empty | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.cors.allowed-methods | Specify methods for the Access-Control-Allow-Methods response header. | Comma separated string | empty | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.cors.allowed-headers | Specify headers for the Access-Control-Allow-Headers response header. | Comma separated string | empty | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.cookie-same-site.enabled | Turn on the same site attribute for the cookies in blueriq. for more information see: Security: SameSite. Introduced in version 15.0. | Boolean | true | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|
blueriq.security.cookie-same-site.value | Define the value for the same site attribute for the cookies in blueriq. for more information see: Security: SameSite. Introduced in version 15.0. | String | 'strict' | Include Page |
---|
| _PropertiesFileJava |
---|
| _PropertiesFileJava |
---|
|
|