Forum Discussion

Ygokkaya's avatar
Ygokkaya
Copper Contributor
Oct 08, 2020

Exchange Server 2016 CU 15 - OWA Http Error 440 on Chrome !

We use Exchange Server 2016 ( CU 15 ) on-premise. We have problems with OWA these days. The error we received is "Exchange Server 2016 OWA Http Error 440" As a result of my research, I read that so...
japikle's avatar
japikle
Copper Contributor
Oct 13, 2020

Ygokkaya 

Hi,

I had the same problem.

I am using an ADFS-like authentication, which was redirecting to the identity provider to login.

The problem was that Chrome/Chromium/Edge have changed the default referrer-policy from no-referrer-when-downgrade to strict-origin-when-cross-origin.

You can read into the available settings here: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy

 

I added the Header

Referrer-Policy: no-referrer-when-downgrade

to the identity Server (in IIS as HTTP-Response Header), to get the browsers to use the old default behaviour.

This fixed the problem.

If you are using ADFS 2019 (or install the back port for 2016), you can add it by using the following PowerShell command on the ADFS Server:

Set-AdfsResponseHeaders -SetHeaderName "Referrer-Policy" -SetHeaderValue "no-referrer-when-downgrade"

(see https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/operations/customize-http-security-headers-ad-fs for more information on this command and the pre-requirements)


Best regards,

Jan

  • Ygokkaya's avatar
    Ygokkaya
    Copper Contributor
    Nov 02, 2020

    japikle Hi,

     

    Thank you for your answer. But, no action was required on ADFS. 

     

    Installing CU17 is enough for this problem.

     

    Regards,

     

     

Resources