none
Office 365 API, HTTPS protocol blocked RRS feed

  • Question

  • Hello, I am trying to make a call to a web service over the Https protocol using Ajax/Jsonp. Excel blocks this protocol by default and displays a warning message, the message can be ignored but in doing so the page is refreshed and the service call is never made.

    This is only an issue in the Desktop Excel client, the reason my service call is over Https is because the Web Excel client is loaded over Https therefore any calls must use the same protocol. I am clueless as to what can be done regarding this.

    Thanks in advance :)

    Monday, October 12, 2015 11:11 PM

All replies

  • Hi HasMilk,

    >> Excel blocks this protocol by default and displays a warning message, the message can be ignored but in doing so the page is refreshed and the service call is never made.

    What was the error message? Was it like “This page is accessing information that is not under its control. This poses a security risk. Do you want to continue”? Could you share us the simple code which you used?

    In my option, it was an issue about CORS (cross-origin resource sharing). I suggest you try the methods below:
    1. Enable CORS in your web service
    2. Add your web service to the allowed AppDomain’s

    Best Regards,

    Edward


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.


    Thursday, October 15, 2015 2:11 AM
  • Hi Edward

    The error message I receive is "To help protect your security, Internet Explorer has blocked this website from displaying content with security certificate errors".

    This is the AjaxCall function I'm using:

    function AjaxCall(type, path, params, values, success, error) {
        params = params || [];
        values = values || [];
    
        var result = null;
        var data = '{';
        for (var i in params) {
            if (i > 0)
                data += ',';
            data += '"' + params[i] + '":"' + values[i] + '"'
        }
        data += '}';
    
        var local = "https://xx.xx.xxx.xx/OfficeQuotingServices/OfficeQuoting.svc/";
        $.ajax({
            url: local + path,
            type: type,
            async: false,
            cache: false,
            contentType: "application/json; charset=utf-8",
            data: data,
            dataType: "jsonp",
            processData: false,
            success: success || function (ajaxResult) {
                result = ajaxResult;
            },
            error: error || function (ajaxResult) {
                result = ajaxResult.status + ": " + ajaxResult.statusText;
            }
        });
        return result;
    }

    And the Web.config file on my server:

    <?xml version="1.0"?>
    <configuration>
    
      <appSettings>
        <add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
      </appSettings>
    
      <system.web>
        <compilation debug="true" targetFramework="4.5.2" />
        <httpRuntime targetFramework="4.5.2"/>
        <customErrors mode="Off"/>
      </system.web>
    
      <system.serviceModel>
    
        <serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
    
        <extensions>
          <behaviorExtensions>
            <add
              name="crossOriginResourceSharingBehavior"
              type="OfficeQuotingServices.CORSEnablingBehavior, OfficeQuotingServices, Version=1.0.0.0, Culture=neutral" />
          </behaviorExtensions>
        </extensions>
    
    
        <behaviors>
    
          <serviceBehaviors>
            <behavior>
              <serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>
              <serviceDebug includeExceptionDetailInFaults="true"/>
            </behavior>
          </serviceBehaviors>
    
          <endpointBehaviors>
            <behavior>
              <webHttp />
              <enableWebScript/>
            </behavior>
          </endpointBehaviors>
    
        </behaviors>
    
        <bindings>
          <webHttpBinding>
            <binding crossDomainScriptAccessEnabled="true">
              <security mode="Transport">
                <transport clientCredentialType="None" proxyCredentialType="None" />
              </security>
            </binding>
          </webHttpBinding>
        </bindings>
    
        <protocolMapping>
          <add binding="basicHttpsBinding" scheme="https" />
        </protocolMapping>
    
    
        <services>
          <service name="OfficeQuotingServices.AjaxService">
            <endpoint
                      address=""
                      binding="webHttpBinding"
                      contract="OfficeQuotingServices.IOfficeQuoting">
            </endpoint>
          </service>
        </services>
    
      </system.serviceModel>
    
      <system.webServer>
        <modules runAllManagedModulesForAllRequests="true"/>
        <directoryBrowse enabled="true"/>
        <httpProtocol>
          <customHeaders>
            <add name="Access-Control-Allow-Origin" value="*, https://www.napacloudapp.com"/>
            <add name="Access-Control-Allow-Methods" value="GET,POST,OPTIONS" />
            <add name="Access-Control-Allow-Headers" value="X-Requested-With, Content-Type, soapaction" />
          </customHeaders>
        </httpProtocol>
      </system.webServer>
    
    </configuration>

    I had already enabled CORS on the web server but perhaps it was not configured correctly..

    • Edited by HasMilk Thursday, October 15, 2015 10:15 PM
    Thursday, October 15, 2015 10:14 PM
  • Hi HasMilk,

    I made a test with something like your code, but I failed to reproduce your issue. Here is my code:

    function callUrl()
    {
        var local = "https://xxxxx.xx.xx.xx/testWebService/WebService1.asmx/HelloWorld"; 
        //var local = "https://www.baidu.com/";
        $.ajax({
            url: local ,
            type: "POST",
            async: false,
            cache: false,
            contentType: "application/json; charset=utf-8",
    
            dataType: "json",
            processData: false,
            success: function (data, status) {
                app.showNotification(data.d);
            },
            error: function (ajaxResult) {
                app.showNotification(ajaxResult.status + ": " + ajaxResult.statusText);
            }
        });
    }

    Based on your error message, it seems this issue is related with your web service. I suggest you access your web service from IE to check whether it could be accessed.

    I suggest you try the steps below:
    1.Click on Gear icon at the top of the IE browser window.
    2.Select Internet Options.
    3.Select the Security tab at the top.
    4.Click the Custom Level... button.
    5.Scroll about halfway down to the Miscellaneous heading (denoted by a "blank page" icon).
    6.Under this heading is the option Display Mixed Content; set this to Enable.
    7.Click OK
    8.Close and restart the browser.

    Best Regards,

    Edward

          

    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.


    Tuesday, October 20, 2015 1:40 AM
  • Hello again Edward,

    After following your suggestions about the Internet Options I am still unable to avoid the certificate warning. I even tried adding the server address as a trusted site and tweaking the custom level but to no avail. I am developing a proof-of-concept so I will just have to have separate Web and Desktop versions of the add-in. Thank you for your help :)

    Tuesday, October 20, 2015 3:47 AM
  • Hi HasMilk,

    If you access your web service from IE or other application, could it work correctly? To be honesty, I made a test, and I did not make any other configuration, it worked correctly. I suggest you check whether your web service could work correctly.

    Best Regards,

    Edward


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.


    Tuesday, October 20, 2015 5:09 AM
  • Hi HasMilk,

    Have your issue been resolved? If you have, it would be appreciated if you could share us your solution, if not, please feel free to let us know your current issue.

    Best Regards,

    Edward


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.


    Friday, October 23, 2015 7:32 AM