CSP Content Security Policies (CSP) Enforcement for SPFx Apps

What is this about

A change is coming to SharePoint online on June 1 2026 that will affect all SPFx based apps (those built on the SharePoint Framework).

Microsoft will be enforcing Content Security Policies (CSP) for SharePoint online using SPFx apps and this is a very positive step to enhance security on these apps.

From June 1st 2026 Microsoft will block scripts such as CSS, JavaScript, etc… that are used in SharePoint Framework (SPFx) apps from non-trusted sources.

What does this mean for Sintel Apps

Sintel has already updated our apps to account for this change by adding our own trusted sources as follows:

• https://app.sintelapps.com (to support legacy Sintel Forms)
• https://cdn.sintelapps.com (to support our new Sintel Apps and Sintel BI)

Our updated apps have already been submitted to Microsoft AppSource and have been approved and published by Microsoft.

What does this mean for you

If you have installed Sintel Apps or Sintel BI from Microsoft AppSource (which is the approach that both Microsoft and Sintel recommend) then there is nothing for you to do.

If you choose to manually install Sintel Apps and Sintel BI by adding the app packages into your tenant app catalog you simply need to update those app packages.

• Step 1 Download the latest app packages for Sintel Apps and Sintel BI
• Step 2 Upload the 2 new packages (this must be done using the modern experience)

Enable App Prompt