Prevent javascript execution to users

paco_castillo — Thu, 20 Feb 2025 07:09:44 GMT

Hi Dynatrace community,

Is there a way to prevent users to execute javascript in apps? i.e Dashboards, workflows, notebooks etc...

The use case here is, we would need to prevent an user to create a javascript tile in the mentioned apps (to avoid malicious intents). Is there a permission in the policies for this?

The second use case is, can we prevent users to create a javascript tile but they can consume a dashboard/notebook/workflow that an user with elevated permissions have created?

Thanks!

Best regards,

Paco

Re: Prevent javascript execution to users

erh_inetum — Thu, 20 Feb 2025 15:00:29 GMT

Hi Paco,

I think you can define a read-only IAM policy to the objects you need to.
Ex.:
ALLOW settings:objects:read, settings:schemas:read WHERE settings:schemaId IN ("builtin:dashboards.general","builtin:dashboards.presets","builtin:dashboards.image.allowlist");
ALLOW automation:workflows:read

However, someone may propose a more complete solution than mine.
Hope it helps anyway.
Regards,
Elena.

topic Prevent javascript execution to users in Open Q&A

Prevent javascript execution to users

Re: Prevent javascript execution to users