Starting on January 26, 2026, we will introduce strict Content Security Policy (CSP) enforcement for Power Apps code apps (preview). CSP is a security feature that protects apps from malicious content by restricting which external sources an app can access. How does this affect me? After January 30, 2026, Power Apps code apps that call assets outside of Power Apps domains will have those requests blocked by default. The code app will play, but these assets called from an external source will not...
Applies to: Power Apps
Source: mc.merill.net — data via Merill Fernando's open archive (MIT).