Quicker Way To Dynamically Add Options

There are many scenarios when you want to dynamically populate a select box with the appropriate options. ServiceNow have even given us a shortcut method to populate the choice field in the GlideForm API using g_form.addOption.

This is usually adequate for populating select fields. However, if you have a large number of values that you need to add, you may notice a performance hit on the end users screen (of course as it’s client side, this is dependant on a number of factors including, but not limited to, browser specification, operating system, machine specification).

This was brought to my attention on a project I was working on and I was tasked with finding a solution. I had one of two routes to go down:

  1. Remove the dynamic select field
  2. Find a more efficient way of adding the options

As the select field was a requirement, I of course went for option 2 (plus it seemed a lot more fun to solve! 🙂 ). Let’s take a closer look shall we…

Continue reading

iFrame Not Resizing In CMS

Not sure who here is working on content management pages using iFrames but there is a bug within SN (i think only becomes an issue in IE rather than firefox, but I can’t remember since they’ve blocked firefox useage here). The issue is that when the iframe is loaded, the size of the iframe automatically gets resized according to the content of the form.

Working in the CMS, you’ll probably be using iFrames a lot, Even though they’re out of fashion now, they do the job for what we need in ServiceNow. Except in one scenario. Let me explain…
Continue reading

Client Side GlideRecord Security


This bug had me scratching my head and pulling my hair out for a good couple of days before I finally realised there must be a bug. Let me explain….

Server side GlideRecords do not adhere to ACLs. For example, if you have a write rule on a field which prevents anyone from writing to this field, if a UI action attempted to write to this field using a server side GlideRecord it would work just fine.

This is intended as an end user cannot run custom GlideRecords themselves so any attempt at any CRUD (create, read, update and delete) operation is actually intended by the ServiceNow implementer.

As anyone can write a custom client side GlideRecord using any browsers javascript console, client side GlideRecords must follow and evaluate all CRUD rules. So far so good right? Wrong! CRUD rules on client side GlideRecords aren’t evaluated quite right!

Continue reading