I am trying to build an Excel/Word task pane add-in that should show content from our site. The content/data is passed in XML format.
What I have tried to do is the following:
Office.initialize = function (reason) {
$(document).ready(function () {
app.initialize();
$.support.cors = true;
var data = '';
$.ajax({
type: "GET",
contentType: "application/json; charset=utf-8",
url: 'http://addons.mysite.com/excel-taskpane-data.php',
data: data,
dataType: "json",
success: onQuerySuccess,
error: onQueryError
});
function onQuerySuccess(res, statusText) {
console.log('success!!' + res.statusText);
}
function onQueryError(res, statusText){
console.log('failed!!' + res.statusText);
}
});
};
As you can understand from the code above I was just checking if connection could be made to the external source, but I am getting "Access Denied" in the console.
I am not really sure how should I request data from an external source and whether it is possible at all?
Please help
You mentioned 'external' so I bet http://addons.mysite.com/ is not the domain that serves your web add-in.
To make it work you have to check several things.
Serving with Https. As written by Michael make sure you use https. Mixed content (mixing of http and https) is blocked by most server and Office web add-ins can only be served with https.
Make sur your PHP web api supports CORS.
I am no PHP expert so here is a small link
Try to specify https://addons.mysite.com as AppDomain
The sandboxed iFrame allow only request and navigation on the same domain (the one that you use to serve you web-addin). But you can specify some exceptions see here. It works with navigation and I am not sure it works with XHR...
If step 3 did not work try to use JSON/P techniques as described here
JSON/P with Office add-ins
Yes, you can make Ajax HTTP requests from Office web add-ins such as your Excel/Word task pane. They work exactly the same as they would on a normal web page, except we have an additional requirement of using "https" rather than "http" to access the endpoint.
I can't identify the cause of your specific issue without information about the actual endpoint you're calling. Start by just trying your code on a normal web page and access it normally with a web browser. Once you have that working, then point an add-in to the page. That should fix your issue, but if you still have a problem where the exact same code is working in a normal browser and failing in an add-in, let us know.
Related
I have been trying to open SharePoint's sharing dialog using microsoftTeams.tasks.startTask() in my MS Teams application and it shows an infinite loader in desktop client.
As I have come across certain articles and open threads, MS Teams does support redirecting within an iframe. Opening SharePoint's sharing URL goes through the authentication first (internal redirecting using login.microsoftonline.com)
Things I have tried so far -
var currentTeamsSiteUrl = new URL(currentItem['teamSiteUrl']);
var sharingDialogUrl = `${currentTeamsSiteUrl.href}/_layouts/15/sharedialog.aspx?listId=${currentItem['ListID']}&listItemId=${currentItem['ItemID']}&clientId=sharePoint`;
var src = `${currentTeamsSiteUrl.href}/_layouts/15/teamslogon.aspx?spfx=true&dest=${encodeURIComponent(sharingDialogUrl)}`;
microsoftTeams.tasks.startTask({
title: "Share Item",
height: 560,
width: 350,
url: src,
fallbackUrl: null,
card: null,
completionBotId: null,
});
The issue I am facing in desktop client is in attached screenshot -
Interestingly enough, the code works if I run the application in browser, and not in the MS Teams Desktop Client.
I have added *.sharepoint.com, login.microsoftonline.com as a valid domains in application config json.
I have tried opening the sharing URL using window.open() - opens up browser from desktop client and new tab from browser, and as per Microsoft's scholars using Task Module is far better approach, but that is not working in desktop client. Again, not an elegant solution.
I have been trying to find a workaround for sharing dialog not running in MS Teams desktop app and it all comes down to the error shown in the attached screenshots. I tried allowing third-party cookies for and other different solutions (https://learn.microsoft.com/en-us/microsoftteams/troubleshoot/teams-sign-in/sign-in-loop) to make it work but no luck so far.
Any help would be appreciated.
Cheers!
We have a cluster with 3 servers with Load Balancer in front (CloudFlare). Things worked well when we had 2 servers (A & B) in the cluster but after we added a 3-rd server (C) we noticed few odd things.
One of them is quite important and I do not understand how it happens at all.
Our web application makes AJAX requests to itself in order to get some JSON data back and if requests hit new server (C) response looks like that:
{
code: 404,
text: "Not Found",
message: "Database context not allowed."
}
Our application does not throw such error and so I searched in google a bit and noticed that it's mentioned on: OpenNTF XPagesExtensionLibrary
However, we do not use XPages at all so I wonder how could it be that our AJAX requests somehow involve that logic.
Any suggestion & tip would be appreciated.
UPDATE
The backend code of my agent is not important (it could be also an empty agent, I checked), because the request does not come to my agent.
The AJAX call is triggered by jQuery
let url = "domain.tld/api/key";
let params = {"a": 1};
$.post(url, params, function (data) {
// some code
},
"json"
).always(function() {
// some code
});
The URL, which I suspect is an issue starts with /api/key and I believe it's an issue (because all other ajax calls where endpoint do not start from /api/ work well).
Thanks.
Figured that our with help from comments (which you can see under my original post).
Apparently there is DAS servlet that handles all requests starting from /api/* and it runs if XPages engine is loaded.
In my case the 2 servers out of 3 have XPages shut down so the issue happened only on 1 server.
The solution would be:
Shut down XPages (or find a way to shut down DAS).
Alternatively change a URL from /api/path to something else (this is what we will do).
Scenario:
I have an Angular SPA and a SharePoint 2013, installed in separated servers. I would like to consume a SharePoint discussion board in my SPA, means I would like to use my customized UI to perform CRU(D) operations on the SharePoint discussion board.
Through some workarounds I already achieved this objective using the SP REST API, but unfortunately since REST API doesn't allow setting some parameters for the discussion board (in particular the ParentID) I am not really able to use REST API in a satisfactory way.
In order to make it possible to work through the REST API I had to change the configuration in the IIS of the SharePoint Server to rewrite the headers and allow the Cross-Domains Call. Moreover I pass as options in the http call the digest from the context info. As I said, the comunication works, I can create new discussions or replies, but these are malformed because the API itself doesn't offer the methods that I need, but just some workaround to post not-so-good-looking messages in the discussion board (for example the threading is completely lost).
With JSOM I am doing this (I simpliefied a bit):
createReply() {
let clientContext = new SP.ClientContext("otherserver.sharepoint.com");
let list = clientContext.get_web().get_lists().getByTitle("myDiscussionBoardName");
let discussionItem = list.getItemById(parentTopicId); //eg. parentTopicId === 10
let properties = {'Body': 'My Message'};
let messageItem = SP.Utilities.Utility.createNewDiscussionReply(clientContext, discussionItem);
for (var propName in properties) {
messageItem.set_item(propName, properties[propName])
}
messageItem.update();
clientContext.executeQueryAsync(() =>
{ console.log("Gotcha!", messageItem); },
(error: any) => { console.log('Request failed', error); });
}
But unfortunately I get a 401 error. My understanding would also be that I won't need to provide a digest, since JSOM should take care of it by itself, but I am not sure of this, nor I am aware of how I could provide the digest within a JSOM call.
Honestly this message is my last hope to get to the bottom of this. I actually am already planning to use different solutions, but I can't believe that a solution doesn't exist, in particular because using a local proxy (sp-rest-proxy, you may know it well if you develop angular application based on SP) the connection somehow works correctly.
check the below link and also I just put one the example from our code
http://sharepointsanjay.blogspot.com/2016/05/how-to-refresh-request-digest-token.html
var headers = {
"Accept": "application/json; odata=verbose",
"Content-Type": "application/json; odata=verbose",
"X-RequestDigest": document.getElementById("__REQUESTDIGEST").value,
"X-HTTP-Method": "MERGE",
"If-Match": "*"
};
return $http({
headers: headers,
method: "POST",
url: url,
data: JSON.stringify(data)
}).then(complete, failed);
is there way to redirect different url which is belonged to different domain in office 365 app ?
here is sample manifest file and source and it says'Refused to display 'https://google.com' in a frame because it set 'X-Frame-Options' to 'DENY'.'
<AppDomains>
<AppDomain>https://google.com</AppDomain>
</AppDomains>
Office.initialize = function (reason) {
$(document).ready(function () {
window.location = "https://www.google.com";
});
};
In this particular case, Google is the one saying "don't load me in an iframe". See the X-Frame-Options documentation. So it should work with some other site, just not one that's setting X-Frame-Options.
For scenarios like OAuth, you can do things via a pop-up or using the new dialog API which is not available everywhere yet (I believe it's currently in Office 2016 Desktop on Windows).
i got simple jQuery ajax post request
$.ajax({
url: "/_layouts/TK_Editor/DemoHandler.ashx", //
contentType: "application/json; charset=utf-8", //cherset set
type: 'POST', //
dataType: "json", //
data: JSON.stringify(json_str), //
success: OnComplete, //function
error: OnFail //function
});
I browsed dozens of similar problemms here and google, but most of them are about crossdomain or character set, well i got no crossdomain, no anything complicated.
works just fine in ffox, chrome, even opera...
after json_str parsed by DemoHandler, web service execs some TSQL procedures, but when i try to make ajax request from IE (8+), my service doesn't exec any procedures and i got endless waiting till request fires.
However, when i disable most all of security in IE, it suddenly works!
Can anyone explain me why this happens and what exact option in security doesn't allow jQuery.ajax request to fire well, and if it is possible - how to avoid this scenario?
p.s: webservice works just fine too, described in here
Once again i answered my own question, anyway.
https://github.com/jaubourg/ajaxHooks/blob/master/src/xdr.js
here's workaround with some limitations to make things go right.
Complete description located here (if anyone wants to read more)
http://bugs.jquery.com/ticket/8283
most important last record in ticket.
Cheers!