Configure HTML Field Security in SharePoint Online
Requirement: Configure HTML Field Security in SharePoint Online
HTML Field Security in SharePoint Online:
IFrames can lead to JavaScript injection attack, hence We've a security precaution in SharePoint Online to allow embed scripts only from trusted domains. If you try to add embed script from any other site, You'll get an error message: "Embedding content from this website isn't allowed, but your admin can change this setting. They will need to add 'www.videodomain.com' to the list of sites that are allowed."
Add Trusted Domain to HTML Field Security List:
SharePoint Online comes with a default list of web sites from which content can be displayed. You can add or remove sites in this list. To add a site to trusted sites list to embed IFrame, follow these steps:
HTML Field Security in SharePoint Online using PowerShell?
You can configure the HTML Field security's trusted sites list through PnP PowerShell
HTML Field Security in SharePoint Online:
IFrames can lead to JavaScript injection attack, hence We've a security precaution in SharePoint Online to allow embed scripts only from trusted domains. If you try to add embed script from any other site, You'll get an error message: "Embedding content from this website isn't allowed, but your admin can change this setting. They will need to add 'www.videodomain.com' to the list of sites that are allowed."
Add Trusted Domain to HTML Field Security List:
SharePoint Online comes with a default list of web sites from which content can be displayed. You can add or remove sites in this list. To add a site to trusted sites list to embed IFrame, follow these steps:
- Go to Your SharePoint Online Site Collection >> Site Settings >> Click on "HTML Field Security" under Site Collection Administration
- Set "Allow contributors to insert iframes only from the following domains" option.
- Add your custom video domain to the list and Click on "OK" to save your changes.
HTML Field Security in SharePoint Online using PowerShell?
You can configure the HTML Field security's trusted sites list through PnP PowerShell
#Set Variables $SiteURL = "https://crescentintranet.sharepoint.com/sites/marketing" #Connect to PnP Online Connect-PnPOnline -Url $SiteURL -UseWebLogin #Get the Site $Site = Get-PnPSite –Includes CustomScriptSafeDomains #Add domain $Domain = [Microsoft.SharePoint.Client.ScriptSafeDomainEntityData]::new() $Domain.DomainName = "products.crescent.com" $Site.CustomScriptSafeDomains.Create($Domain) Invoke-PnPQuery
Hello! Is it possible, in SP2019, to specify in the pnp provisioning template to set the HTML field security to "Allow from any domain"?
ReplyDelete