Forum Discussion

Tom Robey's avatar
Tom Robey
Iron Contributor
Jun 06, 2017

Embedding Content in SharePoint

I am trying to embed a website into SharePoint using the embed webpart.  However I'm receiving the message "Embedding content from this website isn't allowed, but your admin can change this setting. ...
Permissions
SharePoint Online
Sites
SAURAV PANT's avatar
SAURAV PANT
Copper Contributor
Sep 22, 2018

Hi There,

 

Here are some details - 

 

*Issue Encountered* -  While adding iframe to  sharepoint

*Error* - embedding content from this website isn't allowed, but your admin can change this setting.

*Steps flowed* -

Requested admin rights from Sys Admin

Added site in HTM field security and Allowed custom Script in SharePoint settings

 

Still facing the problem?

 

Here is the solution -

 

The setting HTM field security is also at the site level.

  1. Enable Custom script in site collection in root(main site).
  2. For the root (main site)as well as for tenant site.
  3. Owner of the group (Tenant)can only see the Site settings where you will find HTM field security for that site.
  4. if you are not the owner you will not see the site so , To change the owner -

Download and Login to Share point power shell and connect using a command - 

 

Connect-SPOService -Url https://tanentname-admin.sharepoint.com -credential youremail@domainname.com

 

5. The window will pop up asking your credentials and then you will be connected

 

6. Once it is connected check site URL where you are working -

Command get-ositspe will show all site URLs

 

7. Change  Setting using sharepoint power shell using below command - 

set-sposite -identity ___SiteURL -DenyAddAndCustomizePages 0

 

If you are not the owner of the site you want to host iframe to use below command to be the owner first after connecting using power shell and then follow steps  - 

 

set-sposite -identity SITE URL -owner youremail@domain.com

 

- You got to be the owner of the share point site in order to change HTM field security or else this option will not be visible.

 

MariusPretorius's avatar
MariusPretorius
Iron Contributor
Jan 08, 2021

SAURAV PANT Thank you, this pointed me in the right direction. I had changed the Sites collection HTML Field Security setting but missed the Site Level HTML Field Security setting. For good measure I also enabled Custom scripts. I did not run any of the PowerShell scripts you suggested but just used the settings gear. I had to click around a bit to find the correct settings. I had to use three different methods.

  • To get to the site collections admin setting, I went to the tenant sites collection root and then chose the gear at the top right, then scrolled to HTML Field Security setting
  • To get to the site level setting, I went to any site page, selected the gear at the top right, chose "Site Information" then "View all site settings", then scrolled to HTML Field Security setting.
  • To allow Custom scripts, I went to Office 365 Admin>SharePoint Admin>Settings>Classic Settings Page and then scrolled to the Custom Script settings towards the bottom. 

After that I tested with an iframe embedded object with script tags and it worked.

 

Thank you!

Resources