Issue
Unable to publish or run workflows with Task based actions (Assign Flexi task, Assign to-do task, Request approval, Request data, Request review) after installing the July 2021 CU for SharePoint 2013, 2016, 2019.
Error Code
spNoCodeXomlCompilter.IsGoodWorkflow: Potentially malicious SetVariableActivity
CompileBytes: Web [web URL] , Site [Site URL], Tenant , Error parsing xoml:
Workflow Compilation XPath killswitch resulted in an exception: System.InvalidOperationException: This feature has been temporarily disabled
Error saving from workflow export file.: Nintex.Workflow.NWSavingWorkflowException: Failed to publish workflow: This feature has been temporarily disabled.
Resolution
To resolve the issue, add the following lines to all of the SharePoint web application's web.config:
<authorizedType Assembly="mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" Namespace="System" TypeName="Int64" Authorized="True" /> <authorizedType Assembly="mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" Namespace="System" TypeName="Int64" Authorized="True" />
These need to be added in the authorizedTypes config section (configuration -> System.Workflow.ComponentModel.WorkflowCompiler -> authorizedTypes -> targetFx)
Additional Information
This issue is coming from a new change to address Common Vulnerabilities and Exposures that were delivered in the July Public Updates for SharePoint Server.
We will provide an update once the resolution has been included in an updated build of Nintex Workflow for SharePoint On Premises.