Outlook Add-In's stoped working, because outlook web interface want to confirm domain using dialog which is blocked by browser
Somewhere between 13.Oct and today (16. Oct) I (and no one else in our company) can no longer use Outlook Add-Ins in Outlook. This is true for Add-Ins added by the user and Add-Ins deployed by the administrator. (We do not have Add-Ins installed from the Store)
The website started asking if the domain is trusted with a confirmation dialog. However this seems to be prevented by the browser (chrome and Firefox) I assume because the allow-modals is not set on the frame that hosts the Add-In. I tested to manipulate the website using fiddler to include the allow-modals and the dialog appeared and after confirmation the add-in worked.
Our Admin says he did not update the Exchange server in the past days. Since It happens in multiple browsers now, I also suspect it was not an silent update of the browser.
We are using the "old" OWA UI. And the Add-Ins open a task panel to the side. This displays an error:
The English version has following Text:
This add-in has been disabled to help keep you safe. To continue using the add in, validate that this item is hosted in a trusted domain or open it in the Office desktop app.
Using the continue button does nothing. (It shows a text that nothing can be done, without providing any information)
Does anyone have an Idea what could have changed? And how to turn it back or mitigate it?
Some Add-In are deployed by the Admin, so the User should not need to confirm the domain is trusted.
The office-js script that was included by CDN was updated, breaking the Add-In. It needs an update released two days earlier for Exchange.
So I see two solutions.
- Always update your Exchange the day the update is released
- Use a fixed version from the NPM repository and update the version manually