Managing the allowlist for uploading images

In IBM® Engineering Lifecycle Optimization - Engineering Insights (ENI), you can use images that are visible at different places. However, image files are susceptible to malware attack. To prevent the attack, you must add domains of the images in the allowlist.

Before you begin

Only administrators who have access to the IBM Jazz® Team Server file system can add domain names to the allowlist.

About this task

Starting in V7.0, the allowlist is enabled by default even with no domain that is listed in the file. In earlier versions, the allowlist is not applied if one or more domain names are not present in the file.


To add domains of the images in the allowlist,

  1. Go to the folder <JTS_Server_Path>/server/conf/relm/imageallowlist.
  2. Open the file in a text editor.
  3. Add the domain name to the existing list of values for the key domain_allowlist.
  4. Use a comma “,” as a separator to add multiple domain names to the list.
    Note: Do not include a blank space before or after the comma. For example, domain_allowlist:domain1,domain2,domain3
  5. Save the file and then close it.