Microsoft has announced that the Custom Script setting in SharePoint and OneDrive will be removed by early June 2024. Administrators will no longer be able to control default behavior on self-service created sites or personal sites. However, customers can still temporarily enable custom scripts using PowerShell. Existing scripts in OneDrive and SharePoint sites will not be affected. In this blog post, we’ll delve into the details of these changes, their implications, and how you can prepare your organization.
Why Custom Script Settings Are Changing
Custom scripts in SharePoint Online have long provided users with the flexibility to customize their sites and add advanced functionality. However, this flexibility comes with several challenges:
- Security Risks: Custom scripts can introduce vulnerabilities that may be exploited by malicious actors.
- Compliance Concerns: Ensuring that custom scripts comply with organizational policies and industry regulations can be difficult.
- Performance Issues: Uncontrolled custom scripts can negatively impact site performance and reliability.
To address these challenges, Microsoft is implementing changes to the Custom Script settings in SharePoint Online.
What is changing?
- The Custom Script setting, which allows users to execute custom scripts on personal sites and self-service created sites, will be removed. This setting is currently found in the SharePoint Admin Center under Settings -> Classic Settings.
- A new PowerShell command, “DelayDenyAddAndCustomizePagesEnforcement” has been introduced. Available in SharePoint Online Management Shell version 16.0.24524.12000 or higher, this command allows you to delay the enforcement of changes to custom scripts on the Tenant until mid-November 2024.
- There will not be an option to enable custom script on OneDrive sites once the delay set using DelayDenyAddAndCustomizePagesEnforcement ends in mid-November 2024
- The NoScriptSite setting will be configured to True for all existing SharePoint sites and OneDrive sites except for the below-mentioned site templates.
- BLANKINTERNETCONTAINER#0 = Classic Publishing Portal site
- CMSPUBLISHING#0 = Publishing Site
- BLANKINTERNET#0 = Publishing Site
- GROUP#0 = Team site
- APPCATALOG#0 = App Catalog
- CSPCONTAINER#0 = CSP Container
- The execution of existing scripts in OneDrive and SharePoint sites will not be impacted.
- Customers will retain the ability to permit the execution of custom scripts on specific SharePoint sites using the Set-SPOSite <SiteURL> -DenyAddAndCustomizePages PowerShell command Or from the Active sites page in the SharePoint Admin Center.
- Any modifications made to a site will automatically revert to False status within 24 hours, unless the new PowerShell command “DelayDenyAddAndCustomizePagesEnforcement” is used before mid-November 2024. After mid-November 2024, the 24-hour reversion will occur regardless.
How this will impact the organization
- Once the Custom Script setting is removed, adding, modifying, or removing scripts in OneDrive and SharePoint sites will only be possible if administrators temporarily enable the setting for specific sites.
- This will not impact the ability to execute existing scripts in OneDrive and SharePoint sites.
Features Impacted when custom script is blocked
The following site settings are unavailable when users are prevented from running custom script:
- Save Site as Template
- Save document library as template
- Save list as template
- Solution Gallery
- Theme Gallery
- Help Settings
- Sandbox solutions
- SharePoint Designer
- Uploading files that potentially include script
- Uploading Documents to Content Types
- Publishing of SharePoint 2010 Workflows
The following web parts and features are unavailable to site admins and owners when you prevent them from running custom script.
- Business Data Actions
- Business Data Item
- Business Data Item Builder
- Business Data List
- Business Data Related List
- Excel Web Access
- Indicator Details
- Status List
- Visio Web Access
- About This Community
- Join My Membership Tools
- What’s Happening
- Categories
- Project Summary
- Relevant Documents
- RSS Viewer
- Site Aggregator
- Sites in Category
- Term Property
- Timeline
- WSRP Viewer
- XML Viewer
- Document Set Contents
- Document Set Properties
- Embed
- HTML Form Web Part
- Content Editor
- Script Editor
- Silverlight Web Part
- Refinement
- Search Box
- Search Navigation
- Search Results
- Catalog-Item Reuse
- Contact Details
- Note Board
- Organization Browser
- Site Feed
- Tag Cloud
- User Tasks
- Can’t create or edit master pages
- Can’t create or edit master pages and page layouts