Unblock CORS in the embedded browser of Excel for Windows

Question

I'm developing an Excel add-in. I need to test the add-in in Excel for Windows in my virtual machine of Mac. Therefore, I use <AppDomain>https://192.168.1.1:8000</AppDomain> and e.g., <SourceLocation DefaultValue="https://192.168.1.1:8000/#/app" /> in the manifest file.

I use this add-on in Microsoft Edge in the virtual machine, as a result, the add-in can be run in Excel Online in Edge without problem.

Then I try to run the add-in with the same manifest in Excel for Windows. Then it raises an error Access to XMLHttpRequest at 'https://www.backend.io/...' from origin 'https://192.168.1.1:8000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

I believe the browser embedded in Excel for Windows is Edge. I'm surprised that unblocking CORS in Edge does not unblock CORS in Excel for Windows. Is it an expected behavior?

Does anyone know how we could unblock CORS in the embedded browser of Excel for Windows?

I think you need to set the CORS settings on the server. Is backend.io a server you control? — Jakob Nielsen-MSFT, Jan 19 '23 at 06:38
Yes, `backend.io` is a server I control. Why cannot we unblock CORS in Excel for Windows, while we can block CORS in Edge? — SoftTimur, Jan 19 '23 at 07:23
@SoftTimur This has nothing to do w/ `Excel` or `Office-JS` API. This has to do with your server configuration and javascript/api calls. — FreeSoftwareServers, Jan 19 '23 at 19:09

score 1 · Answer 1 · answered Jan 19 '23 at 10:18

There are several solutions for bridging the gap with CORS:

Read more about possible solutions in the Addressing same-origin policy limitations in Office Add-ins article.

Unblock CORS in the embedded browser of Excel for Windows

1 Answers1

Linked