Jul 24 2019 11:25 AM - edited Jul 29 2019 07:57 AM
Hi,
I have seen some problems when one send a e-mail with hiperlink containing links to my intranet and I have tried to open it, but this hiperlink doesn't open, the messagem is like a"not found this page", however when I have opened the same link on Microsoft Outlook it open.
In this case, when I try to open it on Outlook Web, Outlook redirect including some information after the real link like this "&CT=XXXXXXXXXX&OR=OWA-NT&CID=8f097e1b-8E8483-1078-a048-xxxxxxxxxxx".
The result is "errorpage.aspx?requestUrl="
In the other hand, if I try it on Microsoft Outlook is ok.
Jul 24 2019 01:37 PM
That is the Safe Links feature of Advanced Threat Protection (ATP). Your Office 365 administrator can set exclusions for certain URLs which are not available via the Internet.
Jul 25 2019 11:14 AM
Hello @Robert Sparnaaij
I followed your instruction, but when I entered in this address https://protection.office.com/threatpolicy, I didn't see the Safe URL. I don't know if there is another configuration where I can verify it.
Jul 25 2019 11:20 AM
Make sure that this is being done by a Global Admin or someone else with the necessary rights. Also note that it requires a specific license to tweak the default policies.
The direct link would be; https://protection.office.com/safelinksconverged
For more info, also see; https://docs.microsoft.com/en-us/office365/servicedescriptions/office-365-advanced-threat-protection...
Jul 29 2019 01:34 AM - edited Jul 29 2019 01:49 AM
@Milena Mocci We also noticed this starting the afternoon of 7/18, about 7 hours before Microsoft sent the notice about "New Feature: Outlook on the web - new cloud doc sharing experience" being rolled out. The coincidence feels far too strong, given that we also saw the 'shared file link as name' functionality happening earlier that day, as well.
Pasting any intranet link (to a file, site or page) via the browser now shows a small spinning circle as it processes, before the link is rendered (non-intranet links are entirely unaffected). Files are converted to the name as the announcement describes, while all other intranet links appear unaffected to all checks (hovering to see the URL, editing the link, etc.). However, they get the appended collection of URL parameters when clicked. NOTE: This is only via the new Outlook on the web -- not the 'older' web version, not the phone app and not the desktop version, all of which render fine.
The issue is that the new Outlook web appends the parameter string you mentioned to ANY intranet (SharePoint/OneDrive) link, regardless. Unfortunately for non-files, there is no initial "?" included to tell the browser that the main URL is done and the parameters are separate. If you manually add the "?" to the end of an intranet link, it works fine for all users, but this is obviously not an optimal workaround.
@Robert Sparnaaij Thanks for the info. Any idea if this is in any way connected to cloud sharing experience referenced in the aforementioned notice from Microsoft on 7/18?
Jul 29 2019 05:24 AM
I couldn't get to found these options about Safe URL. We don't pay for these protections, I can't configure it. My user is a global administrator. I don't have any idea how I can start to solve this.
Jul 29 2019 05:36 AM - edited Jul 29 2019 07:59 AM
@Bill Blais Hi.
I didn't have any idea when It was started, It is interesting.
I followed the steps wich Robert mentioned before, but for me, how I have mentioned the last post, we don't have Safe URL options.
ps: I did the same test that you did, I put in the end of the URL "?" and It worked.
Until now I don't know what to do.
If you can solve it, keep me informed.
Aug 01 2019 03:32 AM
@Milena Mocci and @Robert Sparnaaij
Nothing was changed on our end, but it appears to be fixed this morning, at least for me. Still no official comment anywhere and I'm not entirely trusting that it will work properly for my entire tenant, but figured I'd share the change in experience.
Is it now working for you, Milena?
Aug 05 2019 04:56 AM
Aug 05 2019 10:32 AM
@Milena Mocci No worries. Turns out it was a known issue posted to the MS Admin Panel for organizations, but not publicly announced (at least nowhere I could find. Here's what I found:
Summary:
Details