ShortPoint is a JavaScript product that runs on the browser, this means server-side programs are not required for it to function. The installation will dynamically inject ShortPoint JavaScript and CSS files in the page header using Microsoft's best practices.
We offer different installation types and packages which same thing and load the same files. The following table illustrates the main differences and specifications for each package. We leave it up to you to pick the package that suits you best.
TABLE OF CONTENTS
- ShortPoint Installation Types Comparison
- ShortPoint Farm Solutions for SharePoint On-Premise are Signed
- Frequently Asked Questions by Security Teams and Administrators
- How does it work?
- Will it conflict with our existing sites and customizations?
- When you are designing pages, what does it do in the background?
- Does ShortPoint create new master pages and page layouts, or it works with any master page(s) and page layouts?
- Does it work with publishing site templates (the ones that are used with public-facing websites)
- Is there any impact on the already-installed environment?
- Is it easy and safe to remove ShortPoint?
- What are security issues & how it is handled on your side?
- How to migrate pages we designed using ShortPoint to other farms, sites or another version of SharePoint. Like SharePoint 2016, Online or Office 365?
ShortPoint Installation Types Comparison
Find more details about ShortPoint installation depending on the solution type in the table below:
ShortPoint Farm Solution | ShortPoint SPFx | |
Where can I install it? |
|
With App Environment Configured |
Does it require internet access? | No | Yes Not the server, only users' browsers. |
If yes, why? | To load ShortPoint JavaScript and CSS files from Azure CDN and Amazon CloudFront. It is recommended to boost the performance, page loading time and speed. | |
Do I need the internet to activate the license? | No | Yes |
What about the performance and files loading speed? | High Files will be loaded from SharePoint Layouts folder. | High Files will be loaded from Azure CDN and Amazon CloudFront. |
When to use? |
|
|
ShortPoint Farm Solutions for SharePoint On-Premise are Signed
The ShortPoint setup file is created following Microsoft's best practices and guideline. It is solution created using the most popular SharePoint installer. It is signed, verified, secured and certified for ShortPoint using the world's highest security standards: Extended Validation (EV) Code Signing Certificate by DigiCert.
Frequently Asked Questions by Security Teams and Administrators
How does it work?
When you install and activate ShortPoint, it dynamically injects ShortPoint JavaScript and CSS files to the page header using Microsoft best practices. Our files are minified, optimized, obfuscated and compressed to the highest levels.
Will it conflict with our existing sites and customizations?
ShortPoint does not change a single file in your farm or tenant. It works with any master page, page layouts and does not conflict with any third-party solution. This is because ShortPoint loads a JavaScript and CSS file dynamically to the page header, and we carefully designed our code so that it will not conflict with any other customizations or JavaScript libraries. If it does conflict, it will be a minor theme compatibility issue, and we will solve it at the CSS level in a few hours.
When you are designing pages, what does it do in the background?
For example, when you insert a Slideshows Design Element to the page, it adds a code (ShortPoint plain text markup language) to the page content. When the page is loaded, ShortPoint JavaScript engine will convert ShortPoint plain text markup with the latest UI markup in few milliseconds. The rest will be handled by the browser's JavaScript engine.
Does ShortPoint create new master pages and page layouts, or it works with any master page(s) and page layouts?
ShortPoint saves a plain text code in the page content. ShortPoint works and integrates seamlessly with Microsoft SharePoint authoring features. We do not create any master page, page layout or any page. ShortPoint works with SharePoint OOTB master pages, page layouts, content editor web part and page content fields. It will also work with your customized master pages and page layouts.
Does it work with publishing site templates (the ones that are used with public-facing websites)?
Yes, ShortPoint supports publishing site templates. Works with any master page or page layout and adapt to any customizations and branding.
Is there any impact on the already-installed environment?
In rare cases, after installing ShortPoint on heavily customized SharePoint sites (branded publishing sites with custom master pages), our design elements do not match perfectly with custom site theme. This is not a major issue and will not affect your site at all. If a problem is spotted after installation, our team will fix it and make sure ShortPoint matches your theme.
Is it easy and safe to remove ShortPoint?
Yes, You can first deactivate the ShortPoint feature at any level. It will remove ShortPoint completely from the site. Uninstalling the farm solution or removing SPFx App from App catalog will also remove ShortPoint from the whole tenant or farm.
The uninstallation will mainly remove the JavaScript and CSS references from the page headers and the ribbon buttons.
What are security issues & how it is handled on your side?
There are no calls outside your site, the activation of the license can also be done offline.
ShortPoint works with the supported SharePoint authoring features, and we do not override or change them.
ShortPoint uses SharePoint Client Side and REST APIs to make calls to existing site content. This is the recommended approach by Microsoft, and your site permissions and authorization settings will be applied.
ShortPoint Solutions are signed, certified, secured and validated using world's most advanced code signing certificate DigiCert. It is the only recommended company by Microsoft.
Since XSS attacks come from an invalidated user input, it is good to note that all forms that require user input in ShortPoint can only be accessed when the user is authenticated and authorized.
To make sure that the end user’s data through ShortPoint remains safe all the time, we have added a Filters Layer into the product, this layer depends on two of the most well-known XSS filtering libraries (XSS-Filters by Yahoo Engineering & the popular JsXss Node module). We have used a mix of these two modules to fit our special needs in handling every aspect of user input in ShortPoint while not breaking the important part in the end user's page.
To enable end-users to write rich text content from the Inserter Dialog, we have carefully picked a highly flexible & secure rich text editor to do this job (Froala Editor). Froala editor has a strong defense mechanism against all types of XSS attacks. The world-renowned Ashar Javed tested it.
Our JavaScript is not only being minified, but we are also obfuscating them using Jscrambler.
All data that are passed from ShortPoint repositories were updated to be serialized using the abstract JSON.stringify() method to serialize the JavaScript object instead of regular string concatenation methods.
ShortPoint's Inserter is the most area in ShortPoint that contains text fields, each ShortPoint design element can be customized using a bunch of text fields, and it is important to make sure that every field does not contain any potentially harmful code by the end user. All inserter fields will be validated using the ShortPoint filters layer to make entered data are safe and clean.
How to migrate pages we designed using ShortPoint to other farms, sites or another version of SharePoint. Like SharePoint 2016, Online or Office 365?
You only need ShortPoint to be installed on both sides, regardless of the installation type as well. Then all you must do is to move the pages using any migration method.
Related articles: