The JavaScript files are typically added as Attachments to pages. Userscripts for Confluence checks that the file has the proper filename extension ".js" and that the file size is not larger than 1 mega byte. To ensure that the JavaScript file is not manipulated by unprivileged users, the app only provides only files that are accessible by | Static Document Link |
|---|
| document | Confluence Administrator |
|---|
| label | confluence administrators |
|---|
|
or | Static Document Link |
|---|
| document | Userscripts Administrator |
|---|
| label | userscripts administrators |
|---|
|
.Therefore the page is required to allow only members of these groups to access files in write mode. If no restrictions are set on page level, the app requires that the space is only accessible by members of these two groups. | Caution Box |
|---|
It is recommended to add JavaScript files only to dedicated spaces where only the mentioned groups have access to. As space admin go to the Permissions tab of Space Tools.  Image Modified
Also make sure that all Individual Users listed on this page are members of either | Static Document Link |
|---|
| document | Confluence Administrator |
|---|
| label | confluence administrators |
|---|
|
or | Static Document Link |
|---|
| document | Userscripts Administrator |
|---|
| label | userscripts administrators |
|---|
|
.Disallow Anonymous Access. Alternatively you may also configure the proper access restrictions at page level. |
Note that the user services need to serve JavaScript files to users independent of their access privileges. Especially anonymous users may need to execute JavaScript code without access privileges to the attached JavaScript files. | 
