Microsoft has released Hotfix Updates (HUs) that enable support for new functionality and address issues in the March 2024 Security Update (SU).
The April 2024 HU is available for the following bui...
Updated May 06, 2024
Version 4.0
Blog Post
LIRO-Bwi , Sam_T , Kinimod622 re: Download Domains...
Be sure to check your IIS Content Security Policy (CSP).
I'm no expert, but I thought Download Domains was still broken after April24HU as well. I figured out my issue by reviewing the developer console from a web browser when logged in via OWA and noticed:
My CSP was originally based on: Content-Security-Policy for Exchange 2016 - Server Fault
If you can't or won't check the browser console for whatever reason, at least check your CSP settings in IIS:
- In IIS Manager, root level...
- Open "Configuration Editor" under "Management" in the right pane. Select system.webServer/httpProtocol.
- Edit "customHeaders"
- For "Content-Security-Policy", my old config looked like the screenshot above, allowing assets to load from itself, *.microsoft.com and *.sharepointonline.com. None of those "allowed" sources permitted my download domain. "default-src" 'self' refers to literally, itself (same-origin... the URI you use to access OWA), and not your download domain.
- Therefore, I added my download domain to the CSP by inserting it after 'self' as: https://*.mydomain.com (or I suppose you could remove the wildcard and literally put your exact FQDN/hostname for your download domain).
After applying this change (close the "Collection Editor" window, then click "Apply" in IIS Manager top right corner), Download Domains worked for me again.
Maybe this is your issue, maybe it isn't, just trying to help. Good luck!