允许或阻止自定义脚本Allow or prevent custom script

作为 Microsoft 365 中的全局管理员或 SharePoint 管理员,您可以允许自定义脚本作为一种方式,让用户更改网站和页面的外观和行为,以满足组织目标或个人需求。As a global or SharePoint admin in Microsoft 365, you can allow custom script as a way of letting users change the look, feel, and behavior of sites and pages to meet organizational objectives or individual needs. 如果允许自定义脚本,则对网站或页面具有"添加和自定义页面"权限的所有用户都可以添加所需的任何脚本。If you allow custom script, all users who have "Add and Customize Pages" permission to a site or page can add any script they want. (默认情况下,创建网站的用户是网站所有者,因此具有此权限。(By default, users who create sites are site owners and therefore have this permission. 有关 SharePoint 权限级别详细信息,请参阅了解 SharePoint.) For more info about SharePoint permission levels, see Understanding permission levels in SharePoint.)

备注

有关更改网站外观的简单方法,请参阅"更改SharePoint 网站的外观"。For simple ways to change the look and feel of a site, see Change the look of your SharePoint site.

默认情况下,管理员创建大多数网站都允许使用脚本。By default, script is allowed on most sites that admins create. OneDrive、用户自行创建的网站、新式团队和通信网站以及组织的根网站上不允许使用。It is not allowed on OneDrive, on sites users create themselves, on modern team and communication sites, and on the root site for your organization. 出于安全考虑,你可能需要限制允许的脚本数量。You'll probably want to limit the amount of script you allow for security reasons. 有关自定义脚本的安全含义详细信息,请参阅允许自定义脚本 的安全注意事项For more info about the security implications of custom script, see Security considerations of allowing custom script.

重要

如果在 2015 之前为组织设置了 SharePoint,则您的自定义脚本设置可能仍设置为"未配置",即使在 SharePoint 管理中心中,它们似乎已设置为阻止用户运行自定义脚本。If SharePoint was set up for your organization before 2015, your custom script settings might still be set to "Not Configured" even though in the SharePoint admin center they appear to be set to prevent users from running custom script. 在这种情况下,用户将无法在 SharePoint 网站之间以及 OneDrive 和 SharePoint 之间复制项目。In this case, users won't be able to copy items between SharePoint sites and between OneDrive and SharePoint. 在 SharePoint 管理中心的"设置"页上,若要在自定义脚本设置出现时接受这些设置,请选择"确定",并启用跨网站复制。On the Settings page of the SharePoint admin center, to accept the custom script settings as they appear, select OK, and enable cross-site copying. 有关在 OneDrive 和 SharePoint 之间复制项目的信息,请参阅复制 OneDrive 和 SharePoint网站之间的文件和文件夹。For more info about copying items between OneDrive and SharePoint, see Copy files and folders between OneDrive and SharePoint sites.

在 OneDrive 或用户创建的网站上允许自定义脚本To allow custom script on OneDrive or user-created sites

在 SharePoint 管理中心中,可以选择允许用户在称为"个人网站" (OneDrive ) 或他们创建的所有经典团队网站上运行自定义脚本。In the SharePoint admin center, you can choose to allow users to run custom script on OneDrive (referred to as "personal sites") or on all classic team sites they create. 有关允许用户创建自己的网站的信息,请参阅"在 SharePoint 中管理网站创建"。For info about letting users create their own sites, see Manage site creation in SharePoint.

注意

在允许组织中网站的自定义脚本之前,请确保你了解 安全含义Before you allow custom script on sites in your organization, make sure you understand the security implications.

  1. 转到新的 SharePoint 管理中心的“设置”页,然后使用在组织中具有管理员权限的帐户进行登录。Go to the Settings page of the new SharePoint admin center, and sign in with an account that has admin permissions for your organization.

备注

如果使用的是 Office 365 Germany,请登录 Microsoft 365 管理中心,然后浏览到 SharePoint 管理中心并打开“设置”页面。 If you have Office 365 Germany, sign in to the Microsoft 365 admin center, then browse to the SharePoint admin center and open the Settings page.
如果使用的是由世纪互联(中国)运营的 Office 365,请 登录 Microsoft 365 管理中心,然后浏览到 SharePoint 管理中心并打开“设置”页面。If you have Office 365 operated by 21Vianet (China), sign in to the Microsoft 365 admin center, then browse to the SharePoint admin center and open the Settings page.

  1. 在页面底部,选择“经典设置页面”。At the bottom of the page, select classic settings page.

  2. 在“自定义脚本”下,选择:Under Custom Script, select:

  • 允许用户在个人网站上运行自定义脚本Allow users to run custom script on personal sites.

  • 允许用户在自助式创建的网站上运行自定义脚本Allow users to run custom script on self-service created sites.

    SharePoint 管理中心中"设置"页面的"自定义脚本"部分

    备注

    由于自助式网站创建默认指向组织的根网站,因此更改自定义脚本设置允许在组织的根网站上使用自定义脚本。Because self-service site creation points to your organization's root site by default, changing the Custom Script setting allows custom script on your organization's root site. 有关更改网站创建位置的信息,请参阅"在 SharePoint 中管理网站创建"。For info about changing where sites are created, see Manage site creation in SharePoint.

  1. 选择“确定”。Select OK. 更改最多可能需要 24 小时才能生效。It can take up to 24 hours for the change to take effect.

允许在其他 SharePoint 网站上使用自定义脚本To allow custom script on other SharePoint sites

注意

在允许组织中网站的自定义脚本之前,请确保你了解 安全含义Before you allow custom script on sites in your organization, make sure you understand the security implications.

若要允许对以前称为"网站集 (网站集) 自定义脚本,请执行以下步骤:To allow custom script on a particular site (previously called "site collection") immediately, follow these steps:

  1. 下载最新的SharePoint在线管理壳Download the latest SharePoint Online Management Shell.

    备注

    如果你已安装早期版本的SharePoint Online Management Shell,请进入添加或删除程序并卸载 "SharePoint Online Management Shell"。If you installed a previous version of the SharePoint Online Management Shell, go to Add or remove programs and uninstall "SharePoint Online Management Shell."
    在 "下载中心" 页面上,选择你的语言,然后单击 "下载" 按钮。On the Download Center page, select your language and then click the Download button. 系统会要求你下载 x64 和 x86 .msi 文件之间做出选择。You'll be asked to choose between downloading a x64 and x86 .msi file. 如果你运行的是64位版本的Windows,请下载x64文件,如果你运行的是32位版本,请下载x86文件。Download the x64 file if you're running the 64-bit version of Windows or the x86 file if you're running the 32-bit version. 如果你不知道,请参阅我运行的是哪个版本的 Windows 操作系统?If you don't know, see Which version of Windows operating system am I running?. 下载文件后,运行该文件并按照安装向导中的步骤进行操作。After the file downloads, run it and follow the steps in the Setup Wizard.

  2. 在Microsoft 365中,以全局管理员或SharePoint管理员连接到SharePoint。Connect to SharePoint as a global admin or SharePoint admin in Microsoft 365. 若要了解具体操作步骤,请参阅 SharePoint 在线管理壳入门To learn how, see Getting started with SharePoint Online Management Shell.

  3. 运行以下命令。Run the following command.

    Set-SPOsite <SiteURL> -DenyAddAndCustomizePages 0
    

如果更改用户的 OneDrive 或经典团队网站的此设置,将在 24 小时内由管理中心中的自定义脚本设置覆盖此设置。If you change this setting for a user's OneDrive or a classic team site, it will be overridden by the Custom Script setting in the admin center within 24 hours.

自定义脚本被阻止时受影响的功能Features affected when custom script is blocked

当阻止用户在 OneDrive 或他们创建的经典团队网站上运行自定义脚本时,网站管理员和所有者将无法创建新项,如模板、解决方案、主题和帮助文件集合。When users are prevented from running custom script on OneDrive or the classic team sites they create, site admins and owners won't be able to create new items such as templates, solutions, themes, and help file collections. 如果过去允许自定义脚本,则已创建的项仍将正常工作。If you allowed custom script in the past, items that were already created will still work.

当阻止用户运行自定义脚本时,以下网站设置不可用:The following site settings are unavailable when users are prevented from running custom script:

网站功能Site feature 行为Behavior 备注Notes
将网站另存为模板Save Site as Template
网站设置中不再提供No longer available in Site Settings
用户仍可使用在自定义脚本被阻止之前创建的模板构建网站。Users can still build sites from templates created before custom script was blocked.
将文档库另存为模板Save document library as template
库设置中不再提供No longer available in Library Settings
用户仍可使用在自定义脚本被阻止之前创建的模板构建文档库。Users can still build document libraries from templates created before custom script was blocked.
解决方案库Solution Gallery
网站设置中不再提供No longer available in Site Settings
用户仍可以使用在自定义脚本被阻止之前创建的解决方案。Users can still use solutions created before custom script was blocked.
主题库Theme Gallery
网站设置中不再提供No longer available in Site Settings
用户仍可以使用在自定义脚本被阻止之前创建的主题。Users can still use themes created before custom script was blocked.
帮助设置Help Settings
网站设置中不再提供No longer available in Site Settings
用户仍然可以访问自定义脚本被阻止之前可用的帮助文件集合。Users can still access help file collections available before custom script was blocked.
HTML 字段安全性HTML Field Security
仍在"网站设置"中可用,但所做的更改不会生效Still available in Site Settings, but changes made will not take effect
用户仍可以使用在自定义脚本被阻止之前设置的 HTML 字段安全性。Users can still use HTML field security that they set up before custom script was blocked.
沙盒解决方案Sandbox solutions
解决方案库在"网站设置"中不再可用Solution Gallery is no longer available in Site Settings
用户无法添加、管理或升级沙盒解决方案。Users can't add, manage, or upgrade sandbox solutions. 他们仍然可以运行在自定义脚本被阻止之前部署的沙盒解决方案。They can still run sandbox solutions that were deployed before custom script was blocked.
SharePoint DesignerSharePoint Designer
非 HTML 页面无法再更新。Pages that are not HTML can no longer be updated.
处理列表 :创建表单自定义操作 将不再有效。Handling List: Create Form and Custom Action will no longer work.
子网站 :新建子网站和****删除网站 重定向到浏览器中的 "网站 设置"页。Subsites: New Subsite and Delete Site redirect to the Site Settings page in the browser.
数据源 :"属性 "按钮不再可用。Data Sources: Properties button is no longer available.
用户仍可以打开一些数据源。Users can still open some data sources. 若要在 SharePoint Designer 中打开不允许自定义脚本的网站,必须先打开允许自定义脚本的网站。To open a site that does not allow custom script in SharePoint Designer, you must first open a site that does allow custom script.
上载可能包含脚本的文件Uploading files that potentially include script
无法再将以下文件类型上载到库The following file types can no longer be uploaded to a library
.asmx.asmx
.ascx.ascx
.aspx.aspx
.htc.htc
.jar.jar
.master.master
.swf.swf
.xap.xap
.xsf.xsf
库中的现有文件不会受到影响。Existing files in the library are not impacted.
将文档上载到内容类型Uploading Documents to Content Types
尝试将文档模板附加到内容类型时拒绝访问邮件。Access denied message when attempting to attach a document template to a Content Type.
我们建议使用文档库模板。We recommend using Document Library document templates.
发布 SharePoint 2010 工作流Publishing of SharePoint 2010 Workflows
尝试发布 SharePoint 2010 工作流时拒绝访问消息。Access denied message when attempting to publish a SharePoint 2010 Workflow.

阻止网站管理员和所有者运行自定义脚本时,以下 Web 部件和功能对网站管理员和所有者不可用。The following web parts and features are unavailable to site admins and owners when you prevent them from running custom script.

Web 部件类别Web part category Web 部件Web part
业务数据Business Data
业务数据操作Business Data Actions
业务数据项目Business Data Item
业务数据项生成器Business Data Item Builder
业务数据列表Business Data List
业务数据相关列表Business Data Related List
Excel Web AccessExcel Web Access
指标详细信息Indicator Details
状态列表Status List
Visio Web AccessVisio Web Access
社区Community
关于此社区About This Community
加入Join
我的成员身份My Membership
工具Tools
发生了什么事情What's Happening
内容汇总Content Rollup
类别Categories
项目摘要Project Summary
相关文档Relevant Documents
RSS 查看器RSS Viewer
网站聚合器Site Aggregator
类别中的网站Sites in Category
术语属性Term Property
日程表Timeline
WSRP 查看器WSRP Viewer
XML 查看器XML Viewer
Document SetsDocument Sets
文档集内容Document Set Contents
文档集属性Document Set Properties
FormsForms
HTML 表单Web 部件HTML Form Web Part
媒体和内容Media and Content
内容编辑器Content Editor
脚本编辑器Script Editor
Silverlight Web 部件Silverlight Web Part
搜索Search
精简Refinement
搜索框Search Box
搜索导航Search Navigation
搜索结果Search Results
搜索驱动的内容Search-Driven Content
Catalog-Item重用Catalog-Item Reuse
社会协作Social Collaboration
联系人详细信息Contact Details
记事板Note Board
组织浏览器Organization Browser
网站源Site Feed
标记云Tag Cloud
用户任务User Tasks
母版页样式库Master Page Gallery
无法创建或编辑母版页Can't create or edit master pages
发布网站Publishing Sites
无法创建或编辑母版页和页面布局Can't create or edit master pages and page layouts

向用户传达脚本设置更改的最佳实践Best practice for communicating script setting changes to users

在阻止之前允许的网站上使用自定义脚本之前,我们建议提前传达更改,以便用户可以了解它的影响。Before you prevent custom script on sites where you previously allowed it, we recommend communicating the change well in advance so users can understand the impact of it. 否则,习惯更改主题或将 Web 部件添加到其网站上的用户将突然无法看到并看到以下错误消息。Otherwise, users who are accustomed to changing themes or adding web parts on their sites will suddenly not be able to and will see the following error message.

网站禁用脚本时显示的错误消息

提前传达更改可降低用户沮丧和支持呼叫。Communicating the change in advance can reduce user frustration and support calls.