![SharePoint Online: Content Security Policy Control in Tenant Administration [MC1055557]](https://mwpro.co.uk/wp-content/uploads/2024/08/pexels-evgeny-tchebotarev-1058775-2541310-1024x683.webp)
Message ID: MC1055557
SharePoint Online Tenant Administrators can now allow script sources for modern pages in SharePoint sites. This feature is particularly useful in scenarios where modern pages have custom code that loads scripts (e.g., TypeScript code) from external sources like a content delivery network (CDN). SharePoint will now report to administrators where sources that have not been allowed are loaded from, providing a way for administrators to identify those sources and take action. Tenant Administrators can also enforce browsers to only load scripts from allowed sources. This behavior can be enabled using SharePoint Online Management Shell.
[When this will happen:]
Targeted Release: We will begin rolling out on late March 2025 and expect to complete by early April 2025.
General Availability (Worldwide): We will begin rolling out on late April 2025 and expect to complete by late April 2025.
General Availability (GCC, GCC High, DoD): We will begin rolling out on late April 2025 and expect to complete by mid-May 2025.
[How this will affect your organization:]
Tenant Administrators will have the option to control and govern where custom code loads scripts and, if needed, enforce browsers to only load scripts from trusted sources. A new "Trusted script sources" page will give administrators control over which source can be trusted to load scripts.
[What you need to do to prepare:]
Source: Microsoft
![Refreshed placeholders in PowerPoint desktop [MC1055556]](https://mwpro.co.uk/wp-content/uploads/2024/08/pexels-padrinan-1111317-150x150.webp)
![Microsoft SharePoint Online: We will remove retired DISCO and WSDL web pages [MC1055555]](https://mwpro.co.uk/wp-content/uploads/2024/08/pexels-minan1398-1234035-150x150.webp)
The recent update regarding Content Security Policy Control in SharePoint Online is set to make waves for both tenant administrators and users alike. With the introduction of the ability to allow script sources for modern pages, administrators will gain significant control over the security of their SharePoint environments. This means they can now confidently permit custom scripts from trusted sources, such as content delivery networks (CDNs), without compromising on security.
For admins, this is a game-changer. Not only will they have a new “Trusted script sources” page to manage script permissions, but they will also receive reports on any scripts loaded from unapproved sources. It’s like having a security guard at the entrance of a nightclub, ensuring only the right guests get in! This newfound oversight will help in identifying potential vulnerabilities and enhance the overall security posture of the organization.
On the user side, the impact is equally positive. Users can look forward to a seamless experience with modern pages that utilize custom scripts, allowing for more dynamic and engaging content. However, they might also need to keep an eye out for any changes in how scripts load, especially if they are used to certain functionalities that may now be restricted based on the admin’s settings.
In terms of overall impact, this update encourages a more secure and controlled environment, which is essential in today’s digital landscape. It promotes a collaborative atmosphere where innovation can thrive without exposing the organization to unnecessary risks.
As we gear up for the rollout scheduled for late March 2025 for targeted release and late April 2025 for general availability, it’s crucial for everyone to stay informed. So, what do you think about these changes? Will they make your SharePoint experience better? Share your thoughts below, and let’s keep the conversation going!
For more insights on SharePoint updates and best practices, be sure to check out additional posts on mwpro.co.uk.