You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/spfx/publish-to-marketplace-checklist.md
+8-2Lines changed: 8 additions & 2 deletions
Original file line number
Diff line number
Diff line change
@@ -105,6 +105,12 @@ Verify that your application can be installed in a specific site but also that i
105
105
106
106
If your application requires additional API access (for example to communicate with Microsoft Graph), it should request them in the solution manifest. Additionally, prepare justification for the requested API access as we might ask for it when reviewing your app.
107
107
108
+
### Supporting end users to inject scripts is not allowed
109
+
110
+
Your solution cannot enable end users to embed arbitrary scripts to SharePoint pages. This means that solutions which enable classic script editor or content editor scenarios in SharePoint are not allowed to be published to SharePoint Store.
111
+
112
+
This model is not allowed through the SharePoint Store as it opens security concerns by normal end users embedding scripts on the portal. You can only provide this kind of solution to customers outside fo the Microsoft hosted store.
113
+
108
114
### All URLs displayed in the web part must be working
109
115
110
116
If your web part shows URLs, they must be pointing to existing resources and must not lead to non-existent or error pages.
@@ -154,15 +160,15 @@ If your offering includes a free trial of your application, then your applicatio
154
160
155
161
### Don't include malicious code
156
162
157
-
Solutions that contain malicious code, links to malicious websites or otherwise illegal resources will be rejected from publishing in the Marketplace.
163
+
Solutions that contain malicious code, link to malicious websites or otherwise illegal resources will be rejected from publishing in the Marketplace.
158
164
159
165
### Don't include vulnerable resource
160
166
161
167
Verify, that your code doesn't contain any vulnerabilities. If you're using third-party dependencies
162
168
163
169
### Ensure that your application doesn't use resources excessively
164
170
165
-
When testing your application, verify that it doesn't lead to noticeable or sustained increase in CPU usage, that it doesn't consume a lot of memory an that it doesn't lead to the browser becoming unresponsive. In general, your application should run well on an average desktop computer with internet access. Also, it shouldn't take longer than 10 seconds for your application to load.
171
+
When testing your application, verify that it doesn't lead to noticeable or sustained increase in CPU usage, that it doesn't consume a lot of memory and that it doesn't lead to the browser becoming unresponsive. In general, your application should run well on an average desktop computer with internet access. Also, it shouldn't take longer than 10 seconds for your application to load.
166
172
167
173
### Microsoft Teams targeted solutions will need to be tenant scoped
0 commit comments