Loading...
Loading...
Any query containing characters that require escaping (‘, “, <, &) are loaded incorrectly (due to the escaping) into the condition builder and a subset of the value editors are incapable of interpreting the escaped values correctly. If the form is then saved, those incorrect values will be saved to the record (the user does NOT have to interact with the condition builder for this to happen). The form has to be UI16 for this issue to happen. Common scenarios where impact is noticed are forms using dates. If agenda items or workflows are relied upon, they may not work as a result of a improper value date returning. Versions affected: This affects WP4, WP4 HF1, WP4 HF1a, WP5, Xanadu RTP. Versions fixed: WP4 HF1b, WP4 HF2, WP5 HF1, WP6+, Xanadu+, Yokohama WARNING: Incorrect values not fixed will continue to persist after upgrading to a fixed version . To address the incorrect values, please refer to the workaround section below.
Example 1: Open the Business Rule Table list view. Filter by condition having '<=' Open any record with filter condition having 'at or before' date Notice the condition is not present when you open the record.(Caution: Once saved, this condition gets updated) Expected: The filter condition should be present on the record Actual: Filter condition is missing on the record --- Example 2: Using a Filter Query that contains ‘ If you open the form, you can see the defect affecting the date: If you look back in the filter query conditions the date now is escaped improperly, note the \
F ollow the steps below which include loading an update set (xml file attached to this KB) containing UI page that will provide guidance to a) identify any malformed records on your instance and b) steps to take action. We recommend to test on your Subproduction before making changes to Production. 29-Aug: Update set updated to address creating rows for the Inauditable tables in the script include 04-Sep (v24.09.04): Add ACL for write operations (Hovering over the KB update set attachment will show /sys_attachment.do?sys_id=f43ab78c47241a90b6d8aa25126d4335) What is the UI Page The Condition Field Record Audit UI Page allows system administrators to audit all the tables of their instances with condition-type fields with data that might have been malformed. The UI Page consists of 5 audit groups. Malformed: Records that have been modified after the upgrade where the current value of the records has escaped characters, and the previous value had special characters Likely Malformed: Records that have been modified after the upgrade where the current value of the records has escaped characters, but the table is not configured for audit history. Needs Review - Audit Failed: Records that have been modified after the upgrade. The current record value does not have special characters, but audit history shows it once did. Needs Review - Inauditable: This is a list of tables that have records that have been modified after the upgrade but is not configured for audit history. Reviewed Records: Records from the other audit groups that have been reviewed and marked "safe" or have had their values changed to their previous values. Actions Available Mark Safe: Removes record from current Audit Group table and moves it to Reviewed Records group Set Old Value: Sets the value found in the audit history as current value of the records selected and moves record to Reviewed Records group Mark Needs Review: Removes record from Review Records group table Download: Allows user to download the table as .CSV file for external review Refresh: Re-audit the tables for the currently selected Audit Group How to install Please see the attached update set (XML file) to this KB: Navigate to Retrieved Update Set Right click on list header and select "Import XML" Import Update Set XML from attachment Open Malformed Data UI Page Update Set Click "Preview Update Set" UI Action Click "Commit Update Set" Done To Use Navigate to "/ui_page.do?sys_id=de2f2a395f7b7110b0fd4b64fb73139c" UI Page How To Remove Imported Data Set After using the tool or at any point, you would like to revert back prior to importing the update set, any of the options below. Option 1: Back Out of Update Set Navigate to Update Set Commit History Open Malformed Data UI Page Click "Back Out" UI Action Click "Proceed with Back Out" Done Option 2: Manual Record Deletion There are 6 total records that encompass this set Script Include Table: sys_script_includes SysId: 72a8fbc593270210da0dd9a2348918c5 UI Page Table: sys_ui_page SysId: de2f2a395f7b7110b0fd4b64fb73139c User Preference Table: sys_user_preference SysId: b86a72aca3bb021020a9d2e4c31e6112 ACL Read Table: sys_security_acl SysId: e3e7f3c56904da10f877f3011ae3d5d1 ACL Write Table: sys_security_acl SysId: 9a6837c56904da10f877f3011ae3d549 ACL Execute Table: sys_security_acl SysId: 1ff2ed5ab9101210f87708b5ca77a38f ACL Read Role Table: sys_security_acl_role SysId: dc03ed5ab9101210f87708b5ca77a397 ACL Read Role Table: sys_security_acl_role SysId: c799ff496904da10f877f3011ae3d50e ACL Write Role Table: sys_security_acl_role SysId: 8cb9ff496904da10f877f3011ae3d58b To remove these records, follow these steps Navigate to the table for any of records you need to delete. Filter the table by the Sys Id of the record Open the single record in the results Select Delete UI Action for the record Repeat steps for the records contained in the remaining tables. Option 3: Background Script Alternatively, you can run this background script to automatically delete these records. var records = [{ table: 'sys_script_include', sysid: '72a8fbc593270210da0dd9a2348918c5' }, { table: 'sys_ui_page', sysid: 'de2f2a395f7b7110b0fd4b64fb73139c' }, { table: 'sys_user_preference', sysid: 'b86a72aca3bb021020a9d2e4c31e6112' }, { table: 'sys_security_acl', sysid: 'e3e7f3c56904da10f877f3011ae3d5d1' }, { table: 'sys_security_acl', sysid: '9a6837c56904da10f877f3011ae3d549' }, { table: 'sys_security_acl_role', sysid: 'c799ff496904da10f877f3011ae3d50e' }, { table: 'sys_security_acl_role', sysid: '8cb9ff496904da10f877f3011ae3d58b' }, { table: 'sys_security_acl', sysid: '1ff2ed5ab9101210f87708b5ca77a38f' }, { table: 'sys_security_acl_role', sysid: 'dc03ed5ab9101210f87708b5ca77a397' } ]; records.forEach(function (record) { var gr = new GlideRecord(record.table); var found = gr.get(record.sysid); if (found) { gs.info("Deleting Record " + record.sysid + "from " + record.table); gr.deleteRecord(); } }); To prevent further malformed queries on Washington moving forward The script attached to this KB (PRB1777164 maintenance) should be ran in scripts background to implement a sys_ui_macro to stop the defect from further occurring (if you are on a non-fixed version of Washington). This can be run as admin. The outputs will look similar to this when running the script: Macro inserted successfully: *** Script: {"changed":true,"details":{"outcome":["Success"],"macros":["Created sys_ui_macro override of element_conditions: 680727f693138210da0dd9a2348918be"],"foundMacros":0}} Attempted to update the sys_ui_macro but it is already updated to the fixed version: *** Script: {"changed":false,"details":{"outcome":["Skipped"],"macros":["sys_ui_macro override not necessary. Fix already applied: 680727f693138210da0dd9a2348918be"],"foundMacros":1}} -- Once you are on a fixed version of Washington with the sys_ui_macro update performed, the sys_ui_macro can be deleted. Search for the sys_ui_macro where sys_id=680727f693138210da0dd9a2348918be labeled as "element_conditions" and delete it: Name search: /sys_ui_macro_list.do?sysparm_query=name%3Delement_conditions&sysparm_first_row=1&sysparm_view= sys_id search: /sys_ui_macro_list.do?sysparm_query=sys_id%3D680727f693138210da0dd9a2348918be&sysparm_first_row=1&sysparm_view= FAQ Q: No audit history previous value is showing. What do I do? A: Some records will not have previous values to go back to. You can update the record condition field value by opening the record via the link on the table column. This will take you the form record where you can update the query for the condition field. Q: No records are showing for the audit group. What do I do? A: If no records show up for an audit group, it is likely that no records met the conditions of having an affected condition field. Check the other audit groups for other records that might have been affected. If there is no records, No action is required to be taken. There are no records to review. Q: I have a record flagged, but when I check it is set to read-only. What's the best course of action? A: If the field is read-only and modified by system, then it can likely be disregarded. The original issue affected fields that were not read-only when a form was opened, modified, and saved. It would not have affected a read-only field. Q: My subprod instances are reported to be impacted, but my prod instance that has the same version is not reported to be impacted. Why is this? A: The amount of reported malformed records depends on how many records were opened/modified/saved while the issue was still on the instance. It is possible subprod instances had more modifications in the time before the instance was updated to the fixed version. Q: I was notified that my instance was reported as impacted, but the UI page shows no issues. A: At the time that we performed our scan to investigate, we are looking at a snapshot at that period in time. Our notification is to inform of potential impact, which we request that the UI page is being used to ensure all is clear and actions are taken. Since we do not know what each customer is doing on their instance, we cannot answer why situations are different between subproduction instances to production instances. However the most likely scenario is someone noticed something before they used the UI page and they fixed it.
PRB1777164
Click on a version to see all relevant bugs
ServiceNow Integration
Learn more about where this data comes from
Bug Scrub Advisor
Streamline upgrades with automated vendor bug scrubs
BugZero Enterprise
Wish you caught this bug sooner? Get proactive today.