Allow or restrict the ability to embed content on SharePoint pages
Applies ToSharePoint Server Subscription Edition SharePoint Server 2019 SharePoint in Microsoft 365 Microsoft 365 admin

SharePoint site collection administrators control whether users can embed content from external websites using the embed web part. If they don't let contributors embed content, users who try to do so will see an error message that says, “Embedding content from this website isn't allowed.”

Site level settings

Site collection admins can turn off embedding content, allow embedding content from a specific list of sites, or allow embedding from any site by changing the HTML Field Security setting in Site settings. Here's how:

  1. Browse to the root site of your site collection.

  2. Select Settings, then select Site settings. If you don't see Site settings, select Site information and then select View all site settings.

  3. On the Site Settings page, under Site Collection Administration, select HTML Field Security.Screen shot of the Site Collection Administration options, with the HTML Field Security setting.

  4. Select one of the following options:

    • Don't allow contributors to insert iframes from external domains to disallow the use of iFrames for all sites in the site collection.

    • Allow contributors to insert iframes from any domain to allow the use of iFrames for all sites in the site collection and to allow data from any external website to be displayed in the iFrame. For security reasons, we don't recommend this option.

      Note: When custom scripting is turned off for your site, this option applies only to the Embed web part. All other HTML fields will only allow embedding from the specified list of external domains described below. For more information on scripting, see Allow or prevent custom script.

    • Allow contributors to insert iframes only from the following domains to add a web domain to a list of domains whose content can be displayed in iframes in the site collection. To remove a website from the list, select it, and then select Remove.

      Set the restrictions on adding iFrames

  5. Select OK.

SharePoint comes with a default list of websites from which content can be displayed. You can add or remove sites in this list.

Need more help?

Want more options?

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.