{"id":14558,"date":"2026-01-17T10:01:37","date_gmt":"2026-01-17T01:01:37","guid":{"rendered":"https:\/\/m365jp.net\/?p=14558"},"modified":"2026-01-17T10:01:46","modified_gmt":"2026-01-17T01:01:46","slug":"mc1218747-power-apps-c-content-security-policy-enforcement-for-power-apps-code-apps","status":"publish","type":"post","link":"https:\/\/m365jp.net\/index.php\/2026-01-17-mc1218747-power-apps-c-content-security-policy-enforcement-for-power-apps-code-apps","title":{"rendered":"MC1218747 | Power Apps C Content Security Policy enforcement for Power Apps code apps"},"content":{"rendered":"<div class=\"postie-post\">\n<div>\n<hr>\n<table id=\"section\">\n<tbody>\n<tr>\n<th width=\"95%\">MC1218747 | Power Apps C Content Security Policy enforcement for Power Apps code apps<\/th>\n<\/tr>\n<\/tbody>\n<\/table>\n<hr>\n<table id=\"data\">\n<tbody>\n<tr>\n<th>Classification<\/th>\n<td>stayInformed<\/td>\n<\/tr>\n<tr>\n<th>Last Updated<\/th>\n<td>01\/17\/2026 00:52:19<\/td>\n<\/tr>\n<tr>\n<th>Start Time<\/th>\n<td>01\/17\/2026 00:51:52<\/td>\n<\/tr>\n<tr>\n<th>End Time<\/th>\n<td>02\/17\/2026 00:51:52<\/td>\n<\/tr>\n<tr>\n<th>Message Content<\/th>\n<td>Starting on <b>January 26, 2026<\/b>, we will introduce strict Content Security Policy (CSP) enforcement for  <a target=\"_blank\" href=\"https:\/\/aka.ms\/13661Link1\">Power Apps code apps (preview)<\/a>. CSP is a security feature that protects apps from malicious content by restricting which external sources an app can access.<\/p>\n<p>  <b>How does this affect me?<\/b><br \/>  After <b>January 30, 2026<\/b>, Power Apps code apps that call assets outside of Power Apps domains will have those requests blocked by default. The code app will play, but these assets called from an external source will not load.<\/p>\n<p>  Please visit <a target=\"_blank\" href=\"https:\/\/aka.ms\/13661Link2\">How to: Configure Content Security Policy (preview) &#8211; Power Apps<\/a> for more information about the default CSP configuration.<\/p>\n<p>  <b>What action do I need to take?<\/b><br \/>  To enable your code app to call assets from external sources, you will need to <b>  allowlist any required external sources<\/b> using the CSP configuration settings in the Power Platform admin center.<\/p>\n<p>  To prepare for this change, we recommend you <a target=\"_blank\" href=\"https:\/\/aka.ms\/13661Link3\">  configure CSP by using Power Platform admin center<\/a> and follow the steps below. We recommend taking these steps if you are unsure about what your CSP configuration should be, and your code app is business critical:  <\/p>\n<ol>\n<li>Temporarily toggle off the <b>Enforce content security policy<\/b> setting.<\/li>\n<li>Toggle on the <b>Enable reporting<\/b> setting.<\/li>\n<li>Test which sources need to be added to your allowlist after the enforcement date of January 30, 2026.<\/li>\n<li>Add the required sources to your allowlist.<\/li>\n<li>Toggle on the <b>Enforce content security policy<\/b> setting.<\/li>\n<\/ol>\n<p>  If your app does not need to call external assets or is not business critical, leave CSP enforcement enabled and  <a target=\"_blank\" href=\"https:\/\/aka.ms\/13661Link4\">enable reporting<\/a> mode to monitor policy violations and proactively configure CSP.<\/p>\n<p>  Please contact Microsoft Support if you need further assistance.<\/td>\n<\/tr>\n<tr>\n<th>Machine Translation<\/th>\n<td><b>2026\u5e741\u670826<\/b>\u65e5\u3088\u308a\u3001<a target=\"_blank\" href=\"https:\/\/aka.ms\/13661Link1\">Power Apps\u30b3`\u30c9\u30a2\u30d7\u30ea(\u30d7\u30ec\u30d3\u30e5`\u7248)<\/a>\u306b\u3057\u3066\u683c\u306a\u30b3\u30f3\u30c6\u30f3\u30c4\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30dd\u30ea\u30b7`(CSP)\u306e\u5236\u3092\u6bea\u7b4f\u84fc\u57c2CSP\u306f\u3001\u30a2\u30d7\u30ea\u304c\u30a2\u30af\u30bb\u30b9\u3067\u304d\u308b\u5916\u90e8\u30bd`\u30b9\u3092\u5236\u9650\u3059\u308b\u3053\u3068\u3067\u610f\u306e\u3042\u308b\u30b3\u30f3\u30c6\u30f3\u30c4\u304b\u3089\u30a2\u30d7\u30ea\u3092\u5b88\u308b\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3C\u80fd\u3067\u3059\u3002<\/p>\n<p>  <b>\u3053\u308c\u304c\u79c1\u306b\u3069\u3046\u5f71\u3059\u308b\u306e\u3067\u3057\u3087\u3046\u304b?<\/b><br \/>  <b>2026\u5e741\u670830\u65e5<\/b>\u4ee5\u964d\u3001Power Apps\u30c9\u30e1\u30a4\u30f3\u5916\u306eYb\u3092\u547c\u3073\u51fa\u3059Power Apps\u30b3`\u30c9\u30a2\u30d7\u30ea\u306f\u3001\u30c7\u30d5\u30a9\u30eb\u30c8\u3067\u305d\u306e\u30ea\u30af\u30a8\u30b9\u30c8\u304c\u30d6\u30ed\u30c3\u30af\u3055\u308c\u307e\u3059\u3002\u30b3`\u30c9\u30a2\u30d7\u30ea\u306f\u518d\u751f\u3055\u308c\u307e\u3059\u304c\u3001\u5916\u90e8\u30bd`\u30b9\u304b\u3089\u547c\u3073\u51fa\u3055\u308c\u305f\u3053\u308c\u3089\u306e\u30a2\u30bb\u30c3\u30c8\u306fi\u307fz\u307e\u308c\u307e\u305b\u3093\u3002<\/p>\n<p>  \u30c7\u30d5\u30a9\u30eb\u30c8\u306eCSPO\u5b9a\u306e\u306b\u3064\u3044\u3066\u306f\u3001 <a target=\"_blank\" href=\"https:\/\/aka.ms\/13661Link2\">How to: Content Security Policy (preview) &#8211; Power Apps<\/a> \u3092\u3054E\u304f\u3060\u3055\u3044\u3002<\/p>\n<p>  <b>\u3069\u3093\u306a\u3092\u53d6\u308c\u3070\u3044\u3044\u306e\u3067\u3057\u3087\u3046\u304b?<\/b><br \/>  \u30b3`\u30c9\u30a2\u30d7\u30ea\u3067\u5916\u90e8\u30bd`\u30b9\u304b\u3089Yb\u3092\u547c\u3073\u51fa\u3059\u306b\u306f\u3001Power Platform\u7ba1\u7406\u30bb\u30f3\u30bf`\u306eCSPO\u5b9a\u3067 <b>\u5fc5\u8981\u306a\u5916\u90e8\u30bd`\u30b9\u3092S\u53ef\u30ea\u30b9\u30c8<\/b> \u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002<\/p>\n<p>  \u3053\u306e\u6d93\u6d43\u00e0\u6bea\u90e1\u5e37 <a target=\"_blank\" href=\"https:\/\/aka.ms\/13661Link3\">Power Platform\u7ba1\u7406\u30bb\u30f3\u30bf`\u3092\u4f7f\u7528\u3057\u3066CSP\u3092O\u5b9a\u3057<\/a> \u3001\u4ee5\u4e0b\u306e\u624b\u306b\u3046\u3053\u3068\u3092\u304a\u5e5b\u5e5b\u7b4f\u84fc\u57c2CSP\u306eO\u5b9a\u306b\u8ff7\u3044\u304c\u3042\u308a\u3001\u30b3`\u30c9\u30a2\u30d7\u30ea\u304c\u30d3\u30b8\u30cd\u30b9\u7684\u306b\u91cd\u8981\u306a\u9f8a\u7a00\u2481\u97f5\u9647\u8fdd\u653b\u5339\u6c13\u9a7b\u86f1\u3044\u5576\u957f\u8da3\u988f\u5e5b\u5e5b\u7b4f\u84fc\u57c2  <\/p>\n<ol>\n<li>\u4e00r\u7684\u306b <b>Enforce\u30b3\u30f3\u30c6\u30f3\u30c4\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30dd\u30ea\u30b7`<\/b> \u306eO\u5b9a\u3092\u30aa\u30d5\u306b\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/li>\n<li>\u300c <b>\u87fe\u599e\u86f4\u90e1\u6454\u5de5<\/b> \u300dO\u5b9a\u3092\u30aa\u30f3\u306b\u5207\u308a\u66ff\u3048\u3066\u304f\u3060\u3055\u3044\u3002<\/li>\n<li>2026\u5e741\u670830\u65e5\u306e\u65bd\u884c\u65e5\u4ee5\u964d\u306bS\u53ef\u30ea\u30b9\u30c8\u306b\u8ffd\u52a0\u3059\u3079\u304d\u60c5\u7b24\u6410\u8bd5^\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/li>\n<li>\u5fc5\u8981\u306a\u60c5\u7b24\u6410\u86dfS\u53ef\u30ea\u30b9\u30c8\u306b\u8ffd\u52a0\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/li>\n<li>\u300c <b>Enforce Content Security policy<\/b> \u300dO\u5b9a\u3092\u30aa\u30f3\u306b\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/li>\n<\/ol>\n<p>  \u30a2\u30d7\u30ea\u304c\u5916\u90e8Yb\u3092\u547c\u3073\u51fa\u3059\u5fc5\u8981\u304c\u306a\u3044\u9f8a\u6089\u6d48\u9e70\u5f17\u5ead\u80a1\u73b0\u533e\u9f8a\u7a00CSP\u5236\u3092\u6709\u90e1\u6454\u7b4f\u90e1\u84fc\u8556\u6b39\u8378`\u30c8\u30e2`\u30c9 <a target=\"_blank\" href=\"https:\/\/aka.ms\/13661Link4\">  \u3092\u6709\u90e1\u6454<\/a> \u3066\u30dd\u30ea\u30b7&#8220;\u53cd\u3092O\u3057\u3001CSP\u3092eO\u7684\u306bO\u5b9a\u3057\u3066\u304f\u3060\u3055\u3044\u3002<\/p>\n<p>  \u3055\u3089\u306b\u304a\u56f0\u308a\u306e\u9f8a\u6089\u7a00Microsoft\u30b5\u30dd`\u30c8\u307e\u3067\u304a\u3044\u5408\u308f\u305b\u304f\u3060\u3055\u3044\u3002<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>MC1218747 | Power Apps C Content Security Policy enforcement for Power Apps code apps Classification stayInfor [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-14558","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/posts\/14558","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/comments?post=14558"}],"version-history":[{"count":0,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/posts\/14558\/revisions"}],"wp:attachment":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/media?parent=14558"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/categories?post=14558"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/tags?post=14558"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}