Skip to main content

UX-SEC-010 - App/Url Restrictions

Rule ID: UX-SEC-010

Scope: Activity

Default action: Warning

This rule applies only to activities that are part of the Modern UI Automation experience.

note

The rule checks both local and remote applications (for example, applications automated over RDP connections).

Description

The rule checks whether any restricted applications or web pages are used in the project. Restrictions are defined by the following lists:

  • Prohibited Applications - Applications that are not allowed in the project. All applications that are not on this list can be used in the project.
  • Allowed Applications - Applications that are allowed in the project. Only the applications that are on this list can be used in the project.
  • Prohibited URLs - URLs that are not allowed in the project. All URLs that are not on this list can be used in the project.
  • Allowed URLs - URLs that are allowed in the project. Only the URLs that are on this list can be used in the project.

To define restrictions at organization level, use the RT-UIA-001 Runtime Analyzer rule in Automation Ops.

Recommendation

Do not create automations for applications or web pages that are not allowed by your organization.

docs image

Modifying the rule

In the Project Settings window, select the Workflow Analyzer tab. Find and select the rule, and then define the restrictions for applications and URLs using the prohibited lists or the allowed lists. When modifying the rule:

  • Add a list of URLs / applications separated by comma (,). For applications, you can add any part of the full path to executable files. For web pages, you can add any part of the URL.
  • You can use wildcards when defining the lists. The supported wildcards are * and ?.
  • Do not use the prohibited and allowed lists concurrently for the same scope. If both lists are populated for the same scope, the list of allowed applications/URLs takes precedence.

Reset to default

By default, the rule does not restrict the use of any activity. To reset the rule to default, right-click it in the Project Settings window, and then click Reset to default.

What the rule verifies

The rule verifies the following for all the Use Application/Browser activities in the project:

  • For activities targeting desktop applications, the rule verifies the File path properties and the app type attributes of the selectors.
  • For activities targeting web browsers, the rule verifies the Browser URL properties. For Go to URL activities added inside Use Application/Browser, the rule verifies the URL properties.