Wednesday, March 13, 2013

SharePoint 2013: Allow Embedding of External Content

In my previous post regarding embedding videos from YouTube, a reader mentioned that SharePoint would only allow YouTube videos to be embedded but not other sites. To understand the behavior of sites not authorized, I removed YouTube and attempted to embed a new video:

The embed code is invalid because the source of the embed content is not allowed.


I received an error message "The embed code is invalid because the source of the embed content is not allowed." as shown above. This is an easy fix. There are default domains configured within SharePoint site collections that permit contributors to insert iframes:
  • youtube.com
  • youtube-nocookie.com
  • player.vimeo.com
  • bing.com
  • office.microsoft.com
  • skydrive.live.com

You may add additional domains to this configured list. To access this permission configuration, go to the Site Settings of the Site Collection you wish to modify. Locate and click on the HTML Field Security link under Site Collection Administration:

 
On the HTML Field Security page , enter the domain (e.g. videosite.com) in the provided text box, and click Add.
 

 

Once the new domain appears in the list, click OK.

You may also simply select "Permit contributors to insert iframes from any external domain into pages on this site" to allow anything and everything. That may be a little gutsy but would save people trouble.

 

No comments:

Post a Comment