向 ewsURL 发出请求时,Outlook 插件获取 CORS
Outlook Addin getting CORS when making request to ewsURL
我开发了一个 Outlook add-in,可以向 ewsURL 发出 ajax 请求。
这是我如何请求 ewsUrl 的示例:
Office.context.mailbox.getCallbackTokenAsync(function(result) {
var token = result.value;
var ewsurl = Office.context.mailbox.ewsUrl;
var itemId = Office.context.mailbox.item.itemId;
var envelope = getSoapEnvelope(itemId); // builds soap request
var xhttp = new XMLHttpRequest();
xhttp.open("POST", ewsurl, true);
xhttp.setRequestHeader("Content-type", "application/soap+xml");
xhttp.setRequestHeader("Authorization", "Bearer " + token);
xhttp.send(envelope);
xhttp.onload = function() {
// never comes here
};
xhttp.onprogress = function(event) {
// never comes here
};
xhttp.onerror = function() {
// COMES HERE IMMEDIATELY and ERROR ABOUT CORS IN CONSOLE
};
});
这给我带来了 CORS 问题
Access to XMLHttpRequest at
'https://outlook.office365.com/EWS/Exchange.asmx' from origin
'https://myorg.github.io' has been blocked by CORS policy: Response to
preflight request doesn't pass access control check: No
'Access-Control-Allow-Origin' header is present on the requested
resource.
这是它在网络选项卡上的控制台中的样子
我已将 'https://myorg.github.io' 包含在 AppDomains 的清单中
<AppDomains>
<AppDomain>https://metz-dk.github.io</AppDomain>
</AppDomains>
然而这并没有改变任何东西。
如果我尝试执行 Postman 的请求,事情会按预期工作,这里是响应 headers(不确定是否有帮助)
cache-control: private
transfer-encoding: chunked
content-type: text/xml; charset=utf-8
server: Microsoft-IIS/10.0
request-id: bfac7074-180b-2e3d-2a55-94525741a78d
alt-svc: h3=":443",h3-29=":443"
x-calculatedfetarget: AS9PR06CU014.internal.outlook.com
x-backendhttpstatus: 200; 200
set-cookie: exchangecookie=hash32chars; path=/; secure
x-feproxyinfo: AS9PR06CA0415.EURPRD06.PROD.OUTLOOK.COM
x-calculatedbetarget: AM7P191MB0851.EURP191.PROD.OUTLOOK.COM
x-rum-validated: 1
x-ms-appid: a18de30c-141b-4967-90a6-793df473fcb0
x-ewshandler: GetItem
x-aspnet-version: 4.0.30319
x-besku: WCS6
x-diaginfo: AM7P191MB0851
x-beserver: AM7P191MB0851
x-proxy-routingcorrectness: 1
x-proxy-backendserverstatus: 200
x-feserver: AS9PR06CA0415; GV3P280CA0046
x-firsthopcafeefz: GVX
x-powered-by: ASP.NET
date: Tue, 23 Nov 2021 14:13:22 GMT
有什么想法是错误的吗?
谢谢。
我无法解决 CORS 的原始问题,但我听从了@outlookAdd-insTeam-MSFT 的建议,并将将电子邮件提取到我的服务器的逻辑移到了我的服务器(无论如何都必须存储电子邮件)。所以代码现在在服务器而不是前端(插件)上运行。
我开发了一个 Outlook add-in,可以向 ewsURL 发出 ajax 请求。
这是我如何请求 ewsUrl 的示例:
Office.context.mailbox.getCallbackTokenAsync(function(result) {
var token = result.value;
var ewsurl = Office.context.mailbox.ewsUrl;
var itemId = Office.context.mailbox.item.itemId;
var envelope = getSoapEnvelope(itemId); // builds soap request
var xhttp = new XMLHttpRequest();
xhttp.open("POST", ewsurl, true);
xhttp.setRequestHeader("Content-type", "application/soap+xml");
xhttp.setRequestHeader("Authorization", "Bearer " + token);
xhttp.send(envelope);
xhttp.onload = function() {
// never comes here
};
xhttp.onprogress = function(event) {
// never comes here
};
xhttp.onerror = function() {
// COMES HERE IMMEDIATELY and ERROR ABOUT CORS IN CONSOLE
};
});
这给我带来了 CORS 问题
Access to XMLHttpRequest at 'https://outlook.office365.com/EWS/Exchange.asmx' from origin 'https://myorg.github.io' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
这是它在网络选项卡上的控制台中的样子
我已将 'https://myorg.github.io' 包含在 AppDomains 的清单中
<AppDomains>
<AppDomain>https://metz-dk.github.io</AppDomain>
</AppDomains>
然而这并没有改变任何东西。
如果我尝试执行 Postman 的请求,事情会按预期工作,这里是响应 headers(不确定是否有帮助)
cache-control: private
transfer-encoding: chunked
content-type: text/xml; charset=utf-8
server: Microsoft-IIS/10.0
request-id: bfac7074-180b-2e3d-2a55-94525741a78d
alt-svc: h3=":443",h3-29=":443"
x-calculatedfetarget: AS9PR06CU014.internal.outlook.com
x-backendhttpstatus: 200; 200
set-cookie: exchangecookie=hash32chars; path=/; secure
x-feproxyinfo: AS9PR06CA0415.EURPRD06.PROD.OUTLOOK.COM
x-calculatedbetarget: AM7P191MB0851.EURP191.PROD.OUTLOOK.COM
x-rum-validated: 1
x-ms-appid: a18de30c-141b-4967-90a6-793df473fcb0
x-ewshandler: GetItem
x-aspnet-version: 4.0.30319
x-besku: WCS6
x-diaginfo: AM7P191MB0851
x-beserver: AM7P191MB0851
x-proxy-routingcorrectness: 1
x-proxy-backendserverstatus: 200
x-feserver: AS9PR06CA0415; GV3P280CA0046
x-firsthopcafeefz: GVX
x-powered-by: ASP.NET
date: Tue, 23 Nov 2021 14:13:22 GMT
有什么想法是错误的吗?
谢谢。
我无法解决 CORS 的原始问题,但我听从了@outlookAdd-insTeam-MSFT 的建议,并将将电子邮件提取到我的服务器的逻辑移到了我的服务器(无论如何都必须存储电子邮件)。所以代码现在在服务器而不是前端(插件)上运行。