Forum Discussion
HTML Field Security - Group Sites
This relates on the "noscript" or script capability support. You would get similar result when noscript would be enabled on classic team site. Here's the pointer from the following support article.
HTML Field Security - No longer available in Library Settings. - You can still use HTML field security that you set up before scripting was disabled.
Using iFrame has been classicfied as JavaScript injection security challenge and it's disabled for the content areas when noscript is enabled. NoScript setting is enabled by default for Office 365 Groups / Modern team sites and you cannot disable that. When site has scripting capabilities disabled, all scenarios where user can inject script to be executed on behalf of the user, without administrative concent, are being disabled. Custom SharePoint Framework web parts are approved by administrator(s), so they do work on the modern sites.
So is what you're saying the solution for this is from Microsoft support, is that you have to run a powershell command to grant permission for a single Group Site to have that capability? If there were more than one you would have to run that site by site?
What if you wanted to turn it on for all Group Sites?
Thank you for your reply.
Do you have an example of the type of script we could write that would allow that?
jcgonzalezmartin Is there a way to add a custom domain to the default list on tenant level, so we deal with this once and forever?
