允許或防止自訂指令碼Allow or prevent custom script
在 Microsoft 365 中以全域方式或 SharePoint 管理員的方式,您可以允許自訂腳本,讓使用者變更網站和頁面的外觀、風格和行為,以滿足組織的目標或個別需求。As a global or SharePoint admin in Microsoft 365, you can allow custom script as a way of letting users change the look, feel, and behavior of sites and pages to meet organizational objectives or individual needs. 如果您允許自訂腳本,具有網站或頁面「新增及自訂頁面」許可權的所有使用者都可以新增任何想要的腳本。If you allow custom script, all users who have "Add and Customize Pages" permission to a site or page can add any script they want. (預設情況下,建立網站的使用者為網站擁有者,因此具有此許可權。(By default, users who create sites are site owners and therefore have this permission. 如需 SharePoint 許可權等級的詳細資訊,請參閱 瞭解 SharePoint 中的許可權等級。 ) For more info about SharePoint permission levels, see Understanding permission levels in SharePoint.)
注意
如需更簡單的方法來變更網站的外觀與風格,請參閱 變更 SharePoint 網站的外觀。For simple ways to change the look and feel of a site, see Change the look of your SharePoint site.
根據預設,系統管理員可以在大多數的網站上建立腳本。By default, script is allowed on most sites that admins create. 不允許在 OneDrive、使用者自行建立的網站上、新式團隊和通訊網站,以及組織的根網站上進行。It is not allowed on OneDrive, on sites users create themselves, on modern team and communication sites, and on the root site for your organization. 您可能會想要出於安全性原因限制所允許的腳本數目。You'll probably want to limit the amount of script you allow for security reasons. 如需自訂腳本安全性意義的詳細資訊,請參閱 允許自訂腳本的安全性考慮。For more info about the security implications of custom script, see Security considerations of allowing custom script.
重要
如果您的組織在2015之前已設定 SharePoint,您的自訂腳本設定仍會設定為「未設定」,即便是在 SharePoint 系統管理中心,其似乎已設定為防止使用者執行自訂腳本。If SharePoint was set up for your organization before 2015, your custom script settings might still be set to "Not Configured" even though in the SharePoint admin center they appear to be set to prevent users from running custom script. 在此情況下,使用者將無法在 SharePoint 網站之間,以及 OneDrive 和 SharePoint 之間複製專案。In this case, users won't be able to copy items between SharePoint sites and between OneDrive and SharePoint. 在 SharePoint 系統管理中心的 [設定] 頁面上,若要接受顯示的自訂腳本設定,請選取 [確定],然後啟用跨網站複製。On the Settings page of the SharePoint admin center, to accept the custom script settings as they appear, select OK, and enable cross-site copying. 如需在 OneDrive 和 SharePoint 之間複製專案的詳細資訊,請參閱 在 OneDrive 與 SharePoint 網站之間複製檔案和資料夾。For more info about copying items between OneDrive and SharePoint, see Copy files and folders between OneDrive and SharePoint sites.
在 OneDrive 或使用者建立的網站上允許自訂腳本To allow custom script on OneDrive or user-created sites
在 SharePoint 系統管理中心,您可以選擇允許使用者在 OneDrive 上執行自訂腳本, (稱為「個人網站」 ) 或所有傳統小組網站建立。In the SharePoint admin center, you can choose to allow users to run custom script on OneDrive (referred to as "personal sites") or on all classic team sites they create. 如需讓使用者建立自己的網站的詳細資訊,請參閱 在 SharePoint 中管理網站建立。For info about letting users create their own sites, see Manage site creation in SharePoint.
警告
在您的組織中的網站上允許自訂腳本之前,請務必瞭解 安全性的含義。Before you allow custom script on sites in your organization, make sure you understand the security implications.
- 移至新 SharePoint 系統管理中心的設定頁面,並使用具有組織系統管理員權限的帳戶登入。Go to the Settings page of the new SharePoint admin center, and sign in with an account that has admin permissions for your organization.
注意
如果您使用 Office 365 Germany,請登入 Microsoft 365 系統管理中心,然後瀏覽至 SharePoint 系統管理中心,並開啟設定頁面。 If you have Office 365 Germany, sign in to the Microsoft 365 admin center, then browse to the SharePoint admin center and open the Settings page.
如果您使用由 21Vianet (中國) 提供的 Office 365,請 登入 Microsoft 365 系統管理中心,然後瀏覽至 SharePoint 系統管理中心,並開啟 [設定] 頁面。If you have Office 365 operated by 21Vianet (China), sign in to the Microsoft 365 admin center, then browse to the SharePoint admin center and open the Settings page.
在頁面底部,選取 [傳統設定頁面]。At the bottom of the page, select classic settings page.
在 [自訂腳本] 底下,選取:Under Custom Script, select:
允許使用者在個人網站上執行自訂腳本。Allow users to run custom script on personal sites.
允許使用者在自助服務建立的網站上執行自訂腳本。Allow users to run custom script on self-service created sites.
![SharePoint 系統管理中心的 [設定] 頁面的自訂腳本區段](sharepointonline/media/a96d5c23-6389-4343-81cb-7f055617f6e8.png)
注意
因為「自助網站架設」預設會指向您組織的根網站,所以變更 [自訂腳本] 設定時,會允許您組織的根網站上的自訂腳本。Because self-service site creation points to your organization's root site by default, changing the Custom Script setting allows custom script on your organization's root site. 如需變更網站建立位置的相關資訊,請參閱 在 SharePoint 中管理網站建立。For info about changing where sites are created, see Manage site creation in SharePoint.
- 選取 [確定]。Select OK. 最多可能需要24小時的時間,變更才會生效。It can take up to 24 hours for the change to take effect.
在其他 SharePoint 網站上允許自訂腳本To allow custom script on other SharePoint sites
警告
在您的組織中的網站上允許自訂腳本之前,請務必瞭解 安全性的含義。Before you allow custom script on sites in your organization, make sure you understand the security implications.
若要在特定網站上允許自訂腳本 (之前稱為 "site collection" ) ,請遵循下列步驟:To allow custom script on a particular site (previously called "site collection") immediately, follow these steps:
下載最新的 SharePoint Online 管理命令介面。Download the latest SharePoint Online Management Shell.
注意
如果您安裝的是舊版 SharePoint Online 管理命令介面,請移至 [新增或移除程式],並解除安裝 [SharePoint Online 管理命令介面]。If you installed a previous version of the SharePoint Online Management Shell, go to Add or remove programs and uninstall "SharePoint Online Management Shell."
在下載中心頁面上,選擇您的語言,然後按一下 [下載] 按鈕。On the Download Center page, select your language and then click the Download button. 系統會請您選擇下載 x64 或 x86 .msi 檔案。You'll be asked to choose between downloading a x64 and x86 .msi file. 如果您執行的是 64 位元版本的 Windows,請下載 x64 檔案;或如果您執行的是 32 位元版本,請下載 x86 檔案。Download the x64 file if you're running the 64-bit version of Windows or the x86 file if you're running the 32-bit version. 如果您不知道,請參閱我正在執行哪個版本的 Windows 作業系統?。If you don't know, see Which version of Windows operating system am I running?. 下載檔案之後,請執行檔案,並按照安裝精靈中的步驟進行。After the file downloads, run it and follow the steps in the Setup Wizard.在 Microsoft 365 以全域系統管理員或 SharePoint 管理員的身分登入。Connect to SharePoint as a global admin or SharePoint admin in Microsoft 365. 若要了解如何進行,請參閱開始使用 SharePoint Online 管理命令介面。To learn how, see Getting started with SharePoint Online Management Shell.
執行下列命令。Run the following command.
Set-SPOsite <SiteURL> -DenyAddAndCustomizePages 0
如果您變更使用者 OneDrive 或傳統小組網站的此設定,系統會在24小時內,由系統管理員中心的自訂腳本設定覆寫此設定。If you change this setting for a user's OneDrive or a classic team site, it will be overridden by the Custom Script setting in the admin center within 24 hours.
封鎖自訂腳本時影響的功能Features affected when custom script is blocked
當使用者無法在 OneDrive 或其所建立的傳統小組網站上執行自訂腳本時,網站管理員及擁有者將無法建立新的專案,例如範本、解決方案、主題及說明文件集合。When users are prevented from running custom script on OneDrive or the classic team sites they create, site admins and owners won't be able to create new items such as templates, solutions, themes, and help file collections. 如果您過去已允許自訂腳本,已建立的專案仍會運作。If you allowed custom script in the past, items that were already created will still work.
當使用者無法執行自訂腳本時,無法使用下列網站設定:The following site settings are unavailable when users are prevented from running custom script:
| 網站功能Site feature | 行為Behavior | 附註Notes |
|---|---|---|
| 將網站另存為範本Save Site as Template |
網站設定已無法再使用No longer available in Site Settings |
使用者仍然可以在封鎖自訂腳本之前建立的範本中建立網站。Users can still build sites from templates created before custom script was blocked. |
| 將文件庫另存為範本Save document library as template |
在文件庫設定中已無法再使用No longer available in Library Settings |
使用者仍可在已封鎖自訂腳本之前建立的範本上建立文件庫。Users can still build document libraries from templates created before custom script was blocked. |
| 方案庫Solution Gallery |
網站設定已無法再使用No longer available in Site Settings |
使用者仍然可以使用在已封鎖自訂腳本之前所建立的解決方案。Users can still use solutions created before custom script was blocked. |
| 主題圖庫Theme Gallery |
網站設定已無法再使用No longer available in Site Settings |
使用者仍可在封鎖自訂腳本之前,使用所建立的主題。Users can still use themes created before custom script was blocked. |
| 説明設定Help Settings |
網站設定已無法再使用No longer available in Site Settings |
在封鎖自訂腳本之前,使用者仍然可以存取可用的說明檔案集合。Users can still access help file collections available before custom script was blocked. |
| HTML 欄位安全性HTML Field Security |
仍可在網站設定中使用,但所做的變更將不會生效Still available in Site Settings, but changes made will not take effect |
使用者仍可使用其在自訂腳本封鎖之前所設定的 HTML 欄位安全性。Users can still use HTML field security that they set up before custom script was blocked. |
| 沙箱化解決方案Sandbox solutions |
在網站設定中不再提供方案庫Solution Gallery is no longer available in Site Settings |
使用者無法新增、管理或升級沙箱化解決方案。Users can't add, manage, or upgrade sandbox solutions. 在封鎖自訂腳本之前,他們仍可執行已部署的沙箱化解決方案。They can still run sandbox solutions that were deployed before custom script was blocked. |
| SharePoint DesignerSharePoint Designer |
不是 HTML 的頁面便無法再更新。Pages that are not HTML can no longer be updated. 處理清單: 建立表單 和 自訂動作 將不再運作。Handling List: Create Form and Custom Action will no longer work. 子網站: 新建子 網站和 刪除網站 重新導向至瀏覽器中的 [ 網站設定 ] 頁面。Subsites: New Subsite and Delete Site redirect to the Site Settings page in the browser. 資料來源:無法再使用 [ 屬性 ] 按鈕。Data Sources: Properties button is no longer available. |
使用者仍可開啟部分資料來源。Users can still open some data sources. 若要在 SharePoint 設計工具中開啟不允許自訂腳本的網站,您必須先開啟允許自訂腳本的網站。To open a site that does not allow custom script in SharePoint Designer, you must first open a site that does allow custom script. |
| 上傳可能包含腳本的檔案Uploading files that potentially include script |
下列檔案類型無法再上傳至文件庫The following file types can no longer be uploaded to a library .asmx.asmx .ascx.ascx .aspx.aspx .htc.htc .jar.jar .master.master 。 swf.swf .xap.xap .xsf.xsf |
文件庫中的現有檔案不會受到影響。Existing files in the library are not impacted. |
| 將檔上傳至內容類型Uploading Documents to Content Types |
嘗試將檔範本附加至內容類型時,存取遭到拒絕的訊息。Access denied message when attempting to attach a document template to a Content Type. |
建議使用文件庫檔範本。We recommend using Document Library document templates. |
| 發佈 SharePoint 2010 工作流程Publishing of SharePoint 2010 Workflows |
嘗試發行 SharePoint 2010 工作流程時,存取遭到拒絕的訊息。Access denied message when attempting to publish a SharePoint 2010 Workflow. |
當網站管理員與擁有者執行自訂腳本時,無法使用下列網頁元件和功能。The following web parts and features are unavailable to site admins and owners when you prevent them from running custom script.
| 網頁元件類別Web part category | 網頁元件Web part |
|---|---|
| 商務資料Business Data |
商務資料動作Business Data Actions 商務資料項目Business Data Item 商務資料項目建立幫手Business Data Item Builder 商務資料清單Business Data List 商務資料相關清單Business Data Related List Excel Web AccessExcel Web Access 指標詳細資料Indicator Details 狀態清單Status List Visio Web AccessVisio Web Access |
| CommunityCommunity |
關於此群組About This Community 加入Join 我的成員資格My Membership 工具Tools 發生了什麼事情What's Happening |
| 內容彙總Content Rollup |
類別Categories 專案摘要Project Summary 相關文件Relevant Documents RSS 檢視器RSS Viewer 網站彙總工具Site Aggregator 類別中的網站Sites in Category 字詞屬性Term Property 時間表Timeline WSRP 檢視器WSRP Viewer XML 檢視器XML Viewer |
| Document SetsDocument Sets |
檔組內容Document Set Contents 檔組屬性Document Set Properties |
| 表單Forms |
HTML 表單網頁元件HTML Form Web Part |
| 媒體及內容Media and Content |
內容編輯器Content Editor 指令碼編輯器Script Editor Silverlight 網頁元件Silverlight Web Part |
| 搜尋Search |
細化Refinement 搜尋方塊Search Box 搜尋導覽Search Navigation 搜尋結果Search Results |
| 搜尋導向內容Search-Driven Content |
Catalog-Item 重複使用Catalog-Item Reuse |
| 社交共同作業Social Collaboration |
連絡人詳細資料Contact Details 記事區Note Board 組織瀏覽器Organization Browser 網站摘要Site Feed 標記雲端Tag Cloud 使用者工作User Tasks |
| 主版頁面圖庫Master Page Gallery |
無法建立或編輯主版頁面Can't create or edit master pages |
| 發佈網站Publishing Sites |
無法建立或編輯主版頁面和頁面配置Can't create or edit master pages and page layouts |
向使用者傳達腳本設定變更的最佳作法Best practice for communicating script setting changes to users
在您先前允許的網站上避免自訂腳本之前,建議您先將此項變更傳遞給使用者,讓使用者能夠瞭解它的影響。Before you prevent custom script on sites where you previously allowed it, we recommend communicating the change well in advance so users can understand the impact of it. 否則,習慣變更主題或在其網站上新增網頁元件的使用者,將突然無法進行,並將看到下列錯誤訊息。Otherwise, users who are accustomed to changing themes or adding web parts on their sites will suddenly not be able to and will see the following error message.
預先傳達變更可減少使用者不滿和支援通話的情況。Communicating the change in advance can reduce user frustration and support calls.