Managing the allowlist for uploading images

In IBM® Engineering Lifecycle Optimization - Engineering Insights (ENI), you can use images that are visible at different places. However, image files are susceptible to malware attack. To prevent the attack, you must add domains of the images in the allowlist.

Before you begin

Only administrators who have access to the IBM Jazz® Team Server file system can add domain names to the allowlist.

About this task

Starting in V7.0, the allowlist is enabled by default even with no domain that is listed in the configallowlist.properties file. In earlier versions, the allowlist is not applied if one or more domain names are not present in the configallowlist.properties file.

Procedure

To add domains of the images in the allowlist,

  1. Go to the folder <JTS_Server_Path>/server/conf/relm/imageallowlist.
  2. Open the configallowlist.properties file in a text editor.
  3. Add the domain name to the existing list of values for the key domain_allowlist.
  4. Use a comma “,” as a separator to add multiple domain names to the list.
    Note: Do not include a blank space before or after the comma. For example, domain_allowlist:domain1,domain2,domain3
  5. Save the file and then close it.