Oct 21 2022 05:22 AM
Hi everybody,
our Web-Application does work in the MS-Teams Client version 1.5.00.21668 but it does not work anymore since update the MS Teams client to version 1.5.00.28361.
The application still works in the browser, but in the MS Teams custom tab we see following error within the Dev Tools console log:
Any ideas what has changed in MS Teams version 1.5.00.28361?
Thanks.
Regards
Gerd
Oct 25 2022 12:33 AM
@relkniw - The page that loaded by iframe returned this error. The X-Frame-Options
HTTP response header can be used to indicate whether or not a browser should be allowed to render a page in a <frame>
, <iframe>
, <embed>
or <object>
. Sites can use this to avoid click-jacking attacks, by ensuring that their content is not embedded into other sites.
Ensure that you adhere to the following prerequisites while building your Teams personal and channel or group tab:
Allow your tab pages to be discovered in an iFrame, using X-Frame-Options and Content-Security-Policy HTTP response headers.
Content-Security-Policy: frame-ancestors teams.microsoft.com *.teams.microsoft.com *.skype.com
X-Content-Security-Policy
.X-Frame-Options: ALLOW-FROM https://teams.microsoft.com/
. This header is deprecated but still accepted by most browsers.Oct 26 2022 02:39 AM - edited Oct 26 2022 03:30 AM
Can you give me further information where I have to configure that for a asp.net web application hosted on IIS?
And what has changed in MS Teams 1.5.00.28361 that this failure occours? Because the application works fine in 1.5.00.21668 .
Oct 26 2022 03:36 AM