Open cattermo opened 1 month ago
@m-hellesen Could you help take a look this issue? Thanks.
Thanks so much for the detailed information and for giving us a sample add in. Questions for you while I look into it, has this worked for you in the past? Have you taken a look at this portion of the docs about cross domain messaging? https://learn.microsoft.com/en-us/office/dev/add-ins/develop/dialog-api-in-office-add-ins#cross-domain-messaging-to-the-dialog-runtime
Thanks so much for the detailed information and for giving us a sample add in. Questions for you while I look into it, has this worked for you in the past? Have you taken a look at this portion of the docs about cross domain messaging? https://learn.microsoft.com/en-us/office/dev/add-ins/develop/dialog-api-in-office-add-ins#cross-domain-messaging-to-the-dialog-runtime
Hi! Thank you for looking into this. I did a small rebuild of our Add-In in December last year, moving from iframe popup to popup window. Then this workflow was working (open popup window with own domain -> redirect to other domain -> redirect back to same domain -> pass message to host page). I had to turn off some security headers to make it work (crossOriginOpenerPolicy and crossOriginResourcePolicy) but then it worked.
I'm not trying to message cross domain, I want to send the message after going back to same the same domain as the host page.
@cattermo I have run into similar issues with Office Online. After redirecting and coming back to the same origin, it can't communicate with the add-in. I suspect it's due to losing the original window.opener
reference -- not sure.
I found a solution which involves never redirecting the dialog window. Instead, you pop open a second window and do the redirect flow there. You communicate with the original dialog window via BroadcastChannel.
@cattermo I have run into similar issues with Office Online. After redirecting and coming back to the same origin, it can't communicate with the add-in. I suspect it's due to losing the original
window.opener
reference -- not sure.I found a solution which involves never redirecting the dialog window. Instead, you pop open a second window and do the redirect flow there. You communicate with the original dialog window via BroadcastChannel.
This sounds like a good workaround if the office-js team does not manage to solve the problem. Since it's possible to do this with a new popup window, office-js should be able to do it with its popup window...
@m-hellesen Are you still looking into the issue? Any progress?
Please? Can someone have a look at this?
Hey, I do have someone looking into this. Did the workaround unblock you for now?
Hey, I do have someone looking into this. Did the workaround unblock you for now?
Ok, great, thank you 🙇 . Since it used to work late last year I would rather not build a different solution that then have to be removed when the real one starts working again 😬
Hey @cattermo, I have been looking into the issue and it seems that the domain policy needs to be changed. Could you please verify if it works when the Cross-Origin-Opener-Policy header is not set to 'same-origin'. Let me know if this solves the issue. Thanks.
Hey @cattermo, I have been looking into the issue and it seems that the domain policy needs to be changed. Could you please verify if it works when the Cross-Origin-Opener-Policy header is not set to 'same-origin'. Let me know if this solves the issue. Thanks.
Sorry for late response, was bank holiday in Sweden.
Sadly setting "Cross-Origin-Opener-Policy": "unsafe-none"
does not make any difference.
When using
displayDialogAsync
in office on the web, the host page receiveserror:12006
as soon as the popup navigates to a different domain.Your Environment
Expected behavior
Following this guide https://learn.microsoft.com/en-us/office/dev/add-ins/develop/dialog-api-in-office-add-ins it should be possible to open a popup window, from the host page by using
displayDialogAsync
, with the same domain, navigate to a different subdomain or domain, and then after coming back to the same domain, send a message to the host page.Current behavior
As soon as the popup window leaves the same domain and navigates to a different domain my host page gets a dialog event with
{error: 12006}
as if the user closed the popup window. After this happens there is no more communication from the popup window to the host page.Steps to reproduce
I have created a minimal Add-in that reproduces the problem here https://github.com/cattermo/officejs-reproduce-dialog-problem
Link to live example(s)
If one does not bother to run anything locally, one can install the test version of our real app where I have added some things to really showcase the problem. Use this manifest: https://testbed-office-addin.scrive.com/public/manifest-testbed.xml No account is needed since the bug happens before the user gets a chance to login.
Context
I think this is a very common use case, to open a popup to do authentication flow (since most login pages does not allow iframing). I have no idea how to achieve this in a good way if the popup cannot tell the host page when authentication is done.