You are viewing the documentation for Blueriq 13. Documentation for other versions is available in our documentation directory.

SubjectJAVA PropertyExplanation
Security
















blueriq.security.click-jacking-protection.enabledTurning clickjack protection on/off. For more information go to Security: Clickjacking protection

application.properties

blueriq.security.click-jacking-protection.content-security-policy.default-srcSet the location where content can be loaded from, if no more specific value (for example font for where fonts can be loaded from) is given there is a fallback to this value. For more information see Security: Clickjacking protection.

application.properties

blueriq.security.click-jacking-protection.content-security-policy.script-srcSet the location where scripts can be loaded from. For more information see Security: Clickjacking protection.

application.properties

blueriq.security.click-jacking-protection.content-security-policy.style-srcSet the location where stylesheets can be loaded from. For more information see Security: Clickjacking protection.

application.properties

blueriq.security.click-jacking-protection.content-security-policy.font-srcSet the location where fonts can be loaded from. For more information see Security: Clickjacking protection.

application.properties

blueriq.security.csrf-protection.enabledTurning Cross Site Request Forgery protection on/off. For more information go to Security: Cross-site scripting protection

application.properties

blueriq.security.strict-transport-protection.enabledTurning strict transport protection protection on/off. For more information go to Security: HTTP Strict Transport Security

application.properties

blueriq.security.x-content-type-protection.enabledTurning x-content type protection protection on/off. For more information go to Security: Content sniffing protection

application.properties

blueriq.security.xss-protection.enabledTurning cross site scripting protection protection on/off. For more information go to Security: Cross-site scripting protection

application.properties

blueriq.security.xss-protection.header.enabledTurns the X-XSS-Protection HTTP header on/off.

application.properties

blueriq.security.xss-protection.request-validation.enabledTurns cross site scripting validator filter on request body on/off.

application.properties

blueriq.security.xss-protection.blacklist.enabledTurns the XSS blacklist on/off.

application.properties

blueriq.security.xss-protection.whitelist.enabledTurns the XSS whitelist on/off.

application.properties

blueriq.security.xss-protection.whitelist.allowed-protocols=http,httpsSets the whitelisted protocols in URI attributes.

application.properties

blueriq.security.xss-protection.whitelist.allowed-tags=b,imgSets the whitelisted HTML tags.

application.properties

blueriq.security.xss-protection.whitelist.allowed-global-attributes=class,titleSets the whitelisted attributes allowed on any whitelisted HTML tag.

application.properties

blueriq.security.xss-protection.whitelist.allowed-attributes.<tag>=<attr1>,<attr2>Sets the whitelist attributes allowed on a specific whitelisted HTML tag

application.properties

blueriq.security.xss-protection.whitelist.uri-attributes.<tag>=<attr1>,<attr2>Marks which attributes are URI attributes and are subject to the allowed protocols rule. In Java, URI attributes can be defined per tag. In .NET, URI attributes can be defined only globally.

application.properties

blueriq.security.xss-protection.whitelist.max-loop-count=5Defines a limit on the number of sanitization iterations.
blueriq.security.http.restricted-methods=head,optionsSpecifies the methods that should not be allowed while doing HTTP calls.  For more information go to Security: Block HTTP Methods

application.properties

blueriq.security.http.interactions.enabledThis property if true enables the default secured access to the runtime interactions.

application.properties

blueriq.security.auth-providers.ldap01.url


blueriq.security.login-typeDefines the login type used in Blueriq. Possible values: form-loginopenid-connect, kerberos. This property is not mandatory and default value is form-login. If openid-connect is chosen, openid-connect properties have to be defined as well.

application.properties

blueriq.security.redirect-url-whitelistDefines a whitelist of URLs where the user can be redirected to. If the redirect_uri (for OpenIdConnect login/logout) or the error-redirect (for render document/page and file download) are not in this list, the Runtime will return 400. If the list is empty, any URL is accepted.

application.properties

blueriq.security.keystore.locationThe path to the keystore file to be used as repository for security certificates

application.properties

blueriq.security.keystore.passwordThe password of the keystore

application.properties

blueriq.security.truststore.locationThe path to the trust store containing the public keys/certificates of external hosts that should be trusted

application.properties

blueriq.security.truststore.passwordThe password for the truststore file.

application.properties

blueriq.security.bcrypt-strength

Defines the BCrypt strength for password hashing. BCrypt is the default encoder in Blueriq.

Default value : 10 

Applicable values : number between 4-30

Performance impact

The higher the number the higher the hashing complexity but also the work to calculate the hash. Each increment is twice as much work. 

Introduced in version 12.13

application.properties

blueriq.security.session-fixation-protection.enabled

Turns session fixation on/off. For more information, see Security: Session Fixation protection

Default value: false

Introduced in 13.13.18

application.properties





  • No labels