search

OfficeDev / office-js

A repo and NPM package for Office.js, corresponding to a copy of what gets published to the official "evergreen" Office.js CDN, at https://appsforoffice.microsoft.com/lib/1/hosted/office.js.
https://learn.microsoft.com/javascript/api/overview
Other
670 stars 96 forks source link

Outlook addin not loading out of nowhere on Outlook Web / New Outlook (Refused to frame) #3835

Closed jrouzies-fr closed 10 months ago

jrouzies-fr commented 10 months ago

Provide required information needed to triage your issue

Hello,

Outlook Add-in works great in Outlook Desktop, and was working great also on Web, but got report a week ago that it stopped on the Web Version.

The add-in simply reads some email header in EWS JS and send an email when clicking on a Report spam button.

Your Environment

Expected behavior

Add-in should open properly, like on Outlook Desktop:

image

Current behavior

Add-in does not load in Outlook Web / New Outlook with error:

image

Console error:

Refused to frame 'https://officeaddins.o2f-it.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self' https://weshare.news"

Context

Nothing changed on the addin, no new code, no new server or reverse proxy.

Any help is appreciated!

Thanks

jrouzies-fr commented 10 months ago

Issue was an HTTP header Content Security was set on IIS by IAC