Searching the Help
To search for information in the Help, type a word or phrase in the Search box. When you enter a group of words, OR is inferred. You can use Boolean operators to refine your search.
Results returned are case insensitive. However, results ranking takes case into account and assigns higher scores to case matches. Therefore, a search for "cats" followed by a search for "Cats" would return the same number of Help topics, but the order in which the topics are listed would be different.
Search for | Example | Results |
---|---|---|
A single word | cat
|
Topics that contain the word "cat". You will also find its grammatical variations, such as "cats". |
A phrase. You can specify that the search results contain a specific phrase. |
"cat food" (quotation marks) |
Topics that contain the literal phrase "cat food" and all its grammatical variations. Without the quotation marks, the query is equivalent to specifying an OR operator, which finds topics with one of the individual words instead of the phrase. |
Search for | Operator | Example |
---|---|---|
Two or more words in the same topic |
|
|
Either word in a topic |
|
|
Topics that do not contain a specific word or phrase |
|
|
Topics that contain one string and do not contain another | ^ (caret) |
cat ^ mouse
|
A combination of search types | ( ) parentheses |
|
Support for blocking attachments with certain file extensions
To prevent potentially dangerous attachment files from being submitted to Service Manager, Service Manager provides support for blocking certain types of attachments submitted through the Windows and web clients, as well as through web services, based on a pre-defined list of forbidden file extensions.
At startup, the web tier and the Windows client retrieve the forbidden list, which is stored in the extensionstate table in the database; if no list is available, the clients use a default list of forbidden file types stored on the client side (see Default forbidden list of attachment file extensions). The clients block attachments as follows:
- When users attempt to attach a file whose extension is in the forbidden list to a record , the clients disallow attaching of the file and display an error (where <filetype> is the file extension): "File type: <filetype>, is not allowed as an attachment."
-
If the clients retrieve an existing attachment whose extension is included in the forbidden list, the clients append ".UNSAFE" to the file name to prevent the file from being automatically ‘run’ on the user’s machine.
During web services processing, if a transaction submits or retrieves a file as an attachment whose extension is included in the forbidden list, the server appends “.UNSAFE” to the submitted or retrieved file name.
System Administrators can add, delete, and update records in the extensionstate table to customize the forbidden list of attachment file extensions. For details, see Customize the forbidden list of attachment file extensions.
If a search engine is installed and connected to the system, System Administrators also need to update the sclib knowledgebase records, to include .unsafe to the list of file extensions that should be skipped for knowledgebase indexing. See Add .unsafe to the list of file extensions to skip for knowledgebase indexing.
Additional protection from the web client side
The web client provides additional protection using a so-called "whitelist" to control what types of attachments are allowed to be submitted to Service Manager. From the web client, you can submit only attachments whose file types are in this whitelist. In the out-of-box system, this whitelist includes the following file types, which are considered safe:
- bmp
- jpg
- jpeg
- png
- gif
- txt
- log
- unl
- csv
This whitelist is defined in the web tier configuration file (web.xml) as shown below (see the four "allowed" parameters highlighted in bold). You can adjust the list at your own risk.
<servlet> <description>File Upload Servlet.</description> <display-name>File Upload Servlet</display-name> <servlet-name>FileUpload</servlet-name> <servlet-class>com.hp.ov.sm.client.webtier.FileUploadServlet</servlet-class> <init-param> <param-name>allowed</param-name> <param-value>bmp,jpg,jpeg,png,gif,txt,log,unl,csv</param-value> </init-param> </servlet> <servlet> <description>Image Upload Servlet.</description> <display-name>Image Upload Servlet</display-name> <servlet-name>ImageUpload</servlet-name> <servlet-class>com.hp.ov.sm.client.webtier.FileUploadServlet</servlet-class> <init-param> <param-name>allowed</param-name> <param-value>bmp,jpg,jpeg,png,gif</param-value> </init-param> <init-param> <param-name>success</param-name> <param-value>../imageUploaded.jsp</param-value> </init-param> </servlet> <servlet> <description>Attachment upload servlet</description> <display-name>Attachment Upload Servlet</display-name> <servlet-name>AttachmentUpload</servlet-name> <servlet-class>com.hp.ov.sm.client.webtier.FileUploadServlet</servlet-class> <init-param> <param-name>allowed</param-name> <param-value>bmp,jpg,jpeg,png,gif,txt,log,unl,csv</param-value> </init-param> <init-param> <param-name>success</param-name> <param-value>../attachmentUploaded.jsp</param-value> </init-param> </servlet> <servlet> <description>Attachment upload servlet for AJAX request</description> <display-name>Attachment Upload Servlet for AJAX request</display-name> <servlet-name>AttachmentUploadAjax</servlet-name> <servlet-class>com.hp.ov.sm.client.webtier.FileUploadAjaxServlet</servlet-class> <init-param> <param-name>allowed</param-name> <param-value>bmp,jpg,jpeg,png,gif,txt,log,unl,csv</param-value> </init-param> </servlet> <servlet> <description>Unique attachment upload servlet</description> <display-name>Unique Upload Servlet</display-name> <servlet-name>UniqueUpload</servlet-name> <servlet-class>com.hp.ov.sm.client.webtier.FileUploadServlet</servlet-class> <init-param> <param-name>allowed</param-name> <param-value>bmp,jpg,jpeg,png,gif,txt,log,unl,csv</param-value> </init-param> <init-param> <param-name>success</param-name> <param-value>../uniqueUploaded.jsp</param-value> </init-param> </servlet>
Related concepts
Related references
Parameter: attachmentsegmentsize
Default forbidden list of attachment file extensions
Related tasks
We welcome your comments!
To open the configured email client on this computer, open an email window.
Otherwise, copy the information below to a web mail client, and send this email to ovdoc-ITSM@hp.com.
Help Topic ID:
Product:
Topic Title:
Feedback: