Enhanced security features have been implemented to bolster data protection in Sage CRM 2024 R1. These include the implementation of improved controls over external URLs within dashboard gadgets.

A new checkbox, labelled "Allow external URLs in website gadgets," has been added to the system behaviour settings. This checkbox grants system administrators the ability to toggle the functionality of external URLs in website gadgets on or off.

Enabling external URLs poses potential security risks within Sage CRM, as it could lead users to malicious websites. For heightened security measures, it is recommended to disable external URLs by unchecking this checkbox.

When the "Allow external URLs in website gadgets" checkbox is unchecked (the default setting), website gadgets are restricted to containing only static URLs that originate from the #crm_server# domain. This ensures that URLs can only reference files located on the Sage CRM server, following this format:

#crm_server#/StaticContent/<HTML File Name>

To access this new checkbox, navigate to My Profile icon > Administration > System > System Behavior > Allow external URLs in website gadgets.

Note that after upgrading to Sage CRM 2024 R1, all external URLs in your website gadgets will cease to function as the "Allow external URLs in website gadgets" checkbox is cleared by default during the upgrade process.