Chris Williams on 19 Jun 2020 22:46:23
Current rules for certified visuals prevent visuals from making requests outside of PowerBI.
The specific rule states:
1200.1.3 Code security
Your source code should comply with all security and privacy policies. Source code must be safe and not pass or transmit customer data externally.
This seems like a good rule, but Microsoft is now interpreting this to prevent certified visuals from making requests to any external location, even to display images. Certified visuals like the popular Image control by my company are now no longer approved.
This rule prevents visuals from displaying images from the Internet or even from a company's Azure Blob Storage account, severely limiting their functionality.
The alternative is to use a non-certified visual, which many organizations may not allow. Non-certified visuals can also not be exported in PDF or PPT.
Report authors should be free to use a certified visual to display images from whatever source they choose.
- Comments (9)
RE: Certified visuals should be able to display external images
Thats a very silly interpretation and they should be very careful before changing the rules.
Power BI users are now 2..5m+ and Publish to Web is used by many crucial public dashboards including conveying information on Coronavirus COVID-19.
RE: Certified visuals should be able to display external images
Please. The latest decision makes it impossible for us to show a report showing the logo of the related customer dynamically.
RE: Certified visuals should be able to display external images
I don't understand this either. We use several of these types of visuals to make reports look amazing.
so does MSFT...
The report used for marketing on the desktop main info page (https://powerbi.microsoft.com/en-us/desktop/) is one made by Microsoft and it uses a custom visual by Microsoft that grabs online images. It also uses one form Cloudscope, too.
Will the MSFT one stay certified?
(https://appsource.microsoft.com/en-us/product/power-bi-visuals/WA104380806?tab=Overview)
Generally if MSFT wants to help us keep our data safe then they should work on simple features for data protection and governance. One idea would be a section in the 'Get more visuals' dialog for visuals that do not send data. Otherwise they are keeping us from using even their own cloud products like Azure blobs for images.
This also kills the idea of having any image processing visuals - think 'Key influencers' for images. I don't have a full use case in my head but it seems really silly to cut that off.
FYI. You can download that report here:
https://powerbi.tips/2020/02/mind-blown
RE: Certified visuals should be able to display external images
Of course this should be possible. This is not a kindergarden, as every company can should take care of their own image policies and security issues.
RE: Certified visuals should be able to display external images
Totally agree. I have this visual on a lot our Corporate reports. Very annoying to not be able to update or add more visuals
RE: Certified visuals should be able to display external images
Agree, we should have access to external visuals.
RE: Certified visuals should be able to display external images
This is annoying
RE: Certified visuals should be able to display external images
Very annoying we can no longer use this visual.
RE: Certified visuals should be able to display external images
This is insanity! Honestly PowerBI? Not only do you not have an out of the box simple image viewer, now you are preventing CERTIFIED visuals from displaying images. We have hundreds of customers relying on this. So upsetting.