SPC025501: Do not set 'AllowEveryoneViewItems' to TRUE in ListDefinition |
The attribute ListAllowEveryoneViewItems of a ListDefinition should not be set to true, as it allows every authenticated user of the web application to access the list items when the URL is known.
| CheckId | SPC025501 |
|---|---|
| TypeName | DoNotSetAllowEveryoneViewItemsToTrue |
| Severity | CriticalWarning |
| Type | ListTemplate |
The attribute 'AllowEveryoneViewItems' of the SPList object should not be set to true, as it allows every authenticated user of the web application to access the list items when the URL is known.
To suppress this violation in XML SharePoint code add the following comment right before the XML tag which causes the rule violation. Learn more about SuppressMessage here.
<!-- "SuppressMessage":{"rule":"SPC025501:DoNotSetAllowEveryoneViewItemsToTrue","justification":"Provide reason for suppression here"} -->
Disclaimer: The views and opinions expressed in this documentation and in SPCAF do not necessarily reflect the opinions and recommendations of Microsoft or any member of Microsoft. SPCAF and RENCORE are registered trademarks of Rencore. All other trademarks, service marks, collective marks, copyrights, registered names, and marks used or cited by this documentation are the property of their respective owners.