Why does Microsoft's helloWorld add-in example trigger 20 macro warning message boxes during a native compare operation? - ms-word

Following this code example causes problems with MSWord's native document compare functionality when group policy has disabled macros:
https://learn.microsoft.com/en-us/office/dev/add-ins/design/using-office-ui-fabric-react
Why is MSWord identifying a basic office.js add-in as a macro? There are no macros in this helloWorld example code? Security conscious clients will not wish to lower their security policy in order to use the document compare function. Is there another way to suppress these annoying message boxes, as asking the end-user to click [OK] twenty times on every document compare action is an awful user experience.
Note: The macros settings in the Trust Center do nothing to prevent these message boxes from showing when the group policy is in place. It's not entirely clear what group policy setting is causing this, but I suspect it's the setting "Block macros from running in Office files from the Internet".
What is not clear is why the Wikipedia add-in from the app source store does not interfere with the document compare whereas the helloWorld example above does. There must be a way of trusting office.js add-ins to suppress this warning without having to compromise the corporate security strategy?
Environment:
Microsoft Word for Office 365 MSO (16.0.12527.20612) 32 bit
Windows 10 Enterprise, Version 1809
Visual Studio Code version 1.48
Node.js v12.14.1
Repro steps:
Follow the article detailed above for the helloWorld example
Apply a strict macro policy via Group Policy Management (exact policy setting is unknown. I am trying to acquire this from our IT Support to precisely identify which setting is triggering these macro warnings - and 'no' it's not the trust center macro settings, as these settings do nothing to reveal/suppress this macro warning)
With MSWord open (irrespective of whether the helloWorld add-in is loaded in the sidebar or not, its mere association to MSWord is enough) attempt to do a document compare operation from the [Review] tab.
Removing the corporate security Group Policy from my laptop fixes the problem. Re-instating the group policy re-creates the problem. It's just not clear which setting in this policy is causing the problem. HOWEVER the Wikipedia add-in from the app source store is somehow trusted regardless of this Group Policy. As a minimum requirement, we need to provide clients with details of what the security constraint/setting is. Ideally, I'd like to know what it is that the Wikipedia add-in has done to become trusted in such a way that those warnings are suppressed irrespective of the Group Policy setting.
Update
Adding the SSL certificates for the add-in to the Trusted Publishers store made no difference.
I tried a number of other apps found in the app source store with mixed results:
AppName (Publisher) : Results
Wikipedia (Microsoft) : Compare works correctly
Pickit (www.pickit.com) : Compare interrupted by 20 macro warning message boxes
ScriptLab (Microsoft) : Compare interrupted by 20 macro warning message boxes
Microsoft Dynamics (Microsoft) : Compare works correctly
Neither the publishing location nor the publisher seems to influence the outcome of the compare functionality.
Update
Here is an export of the group policy that relates to MSWord macros:
Interesting Update
It would appear that there is an unexpected interaction between the Group Policy details above, the document compare operation AND the ExtensionPoint xml element in the manifest.xml file. If I remove the extensionPoint element then the macro warning no longer shows during the document compare operation. However, removing this element means that we no longer have an icon to load the application with - forcing the end-user to re-add the add-in for every document, which isn't really a solution. See manifest.xml file below:
<?xml version="1.0" encoding="UTF-8"?>
<OfficeApp
xmlns="http://schemas.microsoft.com/office/appforoffice/1.1"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:bt="http://schemas.microsoft.com/office/officeappbasictypes/1.0"
xmlns:ov="http://schemas.microsoft.com/office/taskpaneappversionoverrides"
xsi:type="TaskPaneApp">
<!-- Begin Basic Settings: Add-in metadata, used for all versions of Office unless override provided. -->
<!-- IMPORTANT! Id must be unique for your add-in, if you reuse this manifest ensure that you change this id to a new GUID. -->
<Id>69de862e-09ee-4ec4-85a4-f230fa10cbc0</Id>
<!--Version. Updates from the store only get triggered if there is a version change. -->
<Version>1.0.0.0</Version>
<ProviderName>CompanyX AddIn</ProviderName>
<DefaultLocale>en-US</DefaultLocale>
<!-- The display name of your add-in. Used on the store and various places of the Office UI such as the add-ins dialog. -->
<DisplayName DefaultValue="CompanyX AddIn" />
<Description DefaultValue="CompanyX AddIn for Office 365" />
<!-- Icon for your add-in. Used on installation screens and the add-ins dialog. -->
<IconUrl DefaultValue="https://companyX.com/images/ds_AddIn_80.png" />
<HighResolutionIconUrl DefaultValue="https://companyX.com/images/ds_AddIn_80.png"/>
<!--If you plan to submit this add-in to the Office Store, uncomment the SupportUrl element below-->
<SupportUrl DefaultValue="https://companyX.com/support.html" />
<!--End Basic Settings. -->
<!--Begin TaskPane Mode integration. This section is used if there are no VersionOverrides or if the Office client version does not support add-in commands. -->
<Hosts>
<Host Name="Document" />
</Hosts>
<DefaultSettings>
<SourceLocation DefaultValue="https://companyX.com/index.html" />
</DefaultSettings>
<!-- End TaskPane Mode integration. -->
<Permissions>ReadWriteDocument</Permissions>
<VersionOverrides xmlns="http://schemas.microsoft.com/office/taskpaneappversionoverrides" xsi:type="VersionOverridesV1_0">
<!-- The Hosts node is required. -->
<Hosts>
<!-- Each host can have a different set of commands. -->
<!-- Excel host is Workbook, Word host is Document, and PowerPoint host is Presentation. -->
<!-- Make sure the hosts you override match the hosts declared in the top section of the manifest. -->
<Host xsi:type="Document">
<!-- Form factor. Currently only DesktopFormFactor is supported. -->
<DesktopFormFactor>
<!--"This code enables a customizable message to be displayed when the add-in is loaded successfully upon individual install."-->
<GetStarted>
<!-- Title of the Getting Started callout. resid points to a ShortString resource -->
<Title resid="CompanyX.GetStarted.Title"/>
<!-- Description of the Getting Started callout. resid points to a LongString resource -->
<Description resid="CompanyX.GetStarted.Description"/>
<!-- Point to a url resource which details how the add-in should be used. -->
<LearnMoreUrl resid="CompanyX.GetStarted.LearnMoreUrl"/>
</GetStarted>
<!-- Function file is a HTML page that includes the JavaScript where functions for ExecuteAction will be called.
Think of the FunctionFile as the code behind ExecuteFunction. -->
<FunctionFile resid="CompanyX.DesktopFunctionFile.Url" />
<!-- PrimaryCommandSurface is the main Office Ribbon. -->
<ExtensionPoint xsi:type="PrimaryCommandSurface">
<!-- Use OfficeTab to extend an existing Tab. Use CustomTab to create a new tab. -->
<OfficeTab id="TabHome">
<!-- Ensure you provide a unique id for the group. Recommendation for any IDs is to namespace using your company name. -->
<Group id="CompanyX.Group1">
<!-- Label for your group. resid must point to a ShortString resource. -->
<Label resid="CompanyX.Group1Label" />
<!-- Icons. Required sizes 16,32,80, optional 20, 24, 40, 48, 64. Strongly recommended to provide all sizes for great UX. -->
<!-- Use PNG icons. All URLs on the resources section must use HTTPS. -->
<Icon>
<bt:Image size="16" resid="CompanyX.tpicon_16x16" />
<bt:Image size="32" resid="CompanyX.tpicon_32x32" />
<bt:Image size="80" resid="CompanyX.tpicon_80x80" />
</Icon>
<!-- Control. It can be of type "Button" or "Menu". -->
<Control xsi:type="Button" id="CompanyX.TaskpaneButton">
<Label resid="CompanyX.TaskpaneButton.Label" />
<Supertip>
<!-- ToolTip title. resid must point to a ShortString resource. -->
<Title resid="CompanyX.TaskpaneButton.Label" />
<!-- ToolTip description. resid must point to a LongString resource. -->
<Description resid="CompanyX.TaskpaneButton.Tooltip" />
</Supertip>
<Icon>
<bt:Image size="16" resid="CompanyX.tpicon_16x16" />
<bt:Image size="32" resid="CompanyX.tpicon_32x32" />
<bt:Image size="80" resid="CompanyX.tpicon_80x80" />
</Icon>
<!-- This is what happens when the command is triggered (E.g. click on the Ribbon). Supported actions are ExecuteFunction or ShowTaskpane. -->
<Action xsi:type="ShowTaskpane">
<TaskpaneId>ButtonId1</TaskpaneId>
<!-- Provide a url resource id for the location that will be displayed on the task pane. -->
<SourceLocation resid="CompanyX.Taskpane.Url" />
</Action>
</Control>
</Group>
</OfficeTab>
</ExtensionPoint>
</DesktopFormFactor>
</Host>
</Hosts>
<!-- You can use resources across hosts and form factors. -->
<Resources>
<bt:Images>
<bt:Image id="CompanyX.tpicon_16x16" DefaultValue="https://companyX.com/images/ds_AddIn_16.png" />
<bt:Image id="CompanyX.tpicon_32x32" DefaultValue="https://companyX.com/images/ds_AddIn_32.png" />
<bt:Image id="CompanyX.tpicon_80x80" DefaultValue="https://companyX.com/images/ds_AddIn_80.png" />
</bt:Images>
<bt:Urls>
<bt:Url id="CompanyX.Taskpane.Url" DefaultValue="https://companyX.com/index.html" />
<bt:Url id="CompanyX.GetStarted.LearnMoreUrl" DefaultValue="https://go.microsoft.com/fwlink/?LinkId=276812" />
<bt:Url id="CompanyX.DesktopFunctionFile.Url" DefaultValue="https://companyX.com/function-file/function-file.html" />
</bt:Urls>
<!-- ShortStrings max characters==125. -->
<bt:ShortStrings>
<bt:String id="CompanyX.TaskpaneButton.Label" DefaultValue="CompanyX AddIn" />
<bt:String id="CompanyX.Group1Label" DefaultValue="Contract Review" />
<bt:String id="CompanyX.GetStarted.Title" DefaultValue="CompanyX AddIn for Office 365." />
</bt:ShortStrings>
<!-- LongStrings max characters==250. -->
<bt:LongStrings>
<bt:String id="CompanyX.TaskpaneButton.Tooltip" DefaultValue="Start CompanyX AddIn" />
<bt:String id="CompanyX.GetStarted.Description" DefaultValue="CompanyX AddIn add-in loaded successfully. Go to the HOME tab and click the 'CompanyX AddIn' button to get started." />
</bt:LongStrings>
</Resources>
</VersionOverrides>
<!-- End Add-in Commands Mode integration. -->
</OfficeApp>

After evaluating numerous add-ins downloaded from the app store (from various different publishers, including Microsoft) it is clear that the problem is related to the ribbon.
Add-ins that do not use the ribbon do not present the macro warning. Add-ins that do use the ribbon (custom or home ribbon) that use the security Group Policy setup above are deluged with macro warnings during the document compare operation.
Clients will of course be unwilling to reduce their security setup to suppress this series of warning message boxes. Therefore the only solution is to alter the add-in's manifest.xml so that it does not use the ribbon.
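
A way to check a set of manifests for the condition this answer identifies, as an added example (not code from the original post or from Microsoft): it reports every `ExtensionPoint` of type `PrimaryCommandSurface` and the `OfficeTab` or `CustomTab` it targets. The two sample manifests are constructed and reduced to the elements that matter here, and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET

# xsi:type is a namespaced attribute; ElementTree exposes it in Clark notation.
XSI_TYPE = "{http://www.w3.org/2001/XMLSchema-instance}type"


def local(tag):
    """Strip the '{namespace}' prefix ElementTree puts on element names."""
    return tag.rsplit("}", 1)[-1]


def ribbon_extension_points(manifest_xml):
    """Return one record per ribbon tab an add-in manifest declares.

    An add-in places commands on the ribbon through
    <ExtensionPoint xsi:type="PrimaryCommandSurface"> containing either
    <OfficeTab> (extend a built-in tab) or <CustomTab> (create a new tab).
    """
    root = ET.fromstring(manifest_xml)
    findings = []
    for el in root.iter():
        if local(el.tag) != "ExtensionPoint":
            continue
        if el.get(XSI_TYPE) != "PrimaryCommandSurface":
            continue
        for tab in el:
            kind = local(tab.tag)
            if kind not in ("OfficeTab", "CustomTab"):
                continue
            controls = [c.get("id") for c in tab.iter()
                        if local(c.tag) == "Control"]
            findings.append({"tab_kind": kind,
                             "tab_id": tab.get("id"),
                             "controls": controls})
    return findings


def audit(manifests):
    """Given {name: manifest_xml}, return the names that use the ribbon."""
    return sorted(name for name, xml_text in manifests.items()
                  if ribbon_extension_points(xml_text))


# Constructed sample: same shape as the manifest in the question, cut down
# to the add-in command section.
RIBBON_MANIFEST = """<OfficeApp
  xmlns="http://schemas.microsoft.com/office/appforoffice/1.1"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:type="TaskPaneApp">
  <Id>00000000-0000-0000-0000-000000000001</Id>
  <DisplayName DefaultValue="Ribbon sample" />
  <VersionOverrides
      xmlns="http://schemas.microsoft.com/office/taskpaneappversionoverrides"
      xsi:type="VersionOverridesV1_0">
    <Hosts>
      <Host xsi:type="Document">
        <DesktopFormFactor>
          <ExtensionPoint xsi:type="PrimaryCommandSurface">
            <OfficeTab id="TabHome">
              <Group id="Sample.Group1">
                <Control xsi:type="Button" id="Sample.TaskpaneButton" />
              </Group>
            </OfficeTab>
          </ExtensionPoint>
        </DesktopFormFactor>
      </Host>
    </Hosts>
  </VersionOverrides>
</OfficeApp>"""

# Constructed sample: a task pane add-in with no VersionOverrides section,
# so it declares no ribbon commands at all.
TASKPANE_ONLY_MANIFEST = """<OfficeApp
  xmlns="http://schemas.microsoft.com/office/appforoffice/1.1"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:type="TaskPaneApp">
  <Id>00000000-0000-0000-0000-000000000002</Id>
  <DisplayName DefaultValue="Task pane only sample" />
  <Hosts>
    <Host Name="Document" />
  </Hosts>
  <DefaultSettings>
    <SourceLocation DefaultValue="https://example.invalid/index.html" />
  </DefaultSettings>
</OfficeApp>"""


if __name__ == "__main__":
    samples = {"ribbon.xml": RIBBON_MANIFEST,
               "pane.xml": TASKPANE_ONLY_MANIFEST}
    for name, text in samples.items():
        print(name, ribbon_extension_points(text))
    print("manifests that use the ribbon:", audit(samples))
```

Run over the manifests in a shared-folder catalog, this lists the add-ins to test against the document compare operation before the policy is rolled out.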

Related

WIX: Install Services using runner and multiple dlls

I'm working on a Wix installer which should install multiple Services based on the same runner. There are some dlls which will be loaded by the runner. With sc.exe this works fine on my test system. Now my question, can I use standard Wix ServiceInstall for this? I have only one runner.exe and I'm not sure how to write this in the XML. Or would a Custom Action be the right way?
Thanks!!
The ServiceInstall and ServiceControl elements don't come after the file element per se but they are children of the Component element. They target the keypath of the component which happens to be the File element. You can easily have multiple services defined in a single component pointing to the same executable.
<Component Id="c1" Guid="dbc1b8dd-14e1-380f-5793-4a746fa0c5c5">
<File Id="f1" Source="$(var.SourceDir)\TestService.exe" KeyPath="yes" />
<ServiceInstall Id="si1" Name="TestService1" DisplayName="TestService1 Service" Description="TestService1 Service" ErrorControl="normal" Start="auto" Type="ownProcess" />
<ServiceControl Id="sc1" Name="TestService1" Start="install" Stop="both" Remove="both" Wait="yes" />
<ServiceInstall Id="si2" Name="TestService2" DisplayName="TestService2 Service" Description="TestService Service" ErrorControl="normal" Start="auto" Type="ownProcess" />
<ServiceControl Id="sc2" Name="TestService2" Start="install" Stop="both" Remove="both" Wait="yes" />
</Component>
To have each service behave differently you'll have to write code in your service to access ServiceBase.ServiceName (this.ServiceName in the OnStart method likely). From here you can dynamically load different classes from different assemblies.

Major Upgrade without uninstallation of Windows Service

I am really very sorry for being redundant. I have checked a lot of other posts in this site itself and perhaps some other sites. I am not able to get Major Upgrade working without uninstalling & reinstalling of service. I am changing the Product Code and Version and the UpgradeFileComponent is the component that is part of the Upgrade. All the remaining are the same as in 1.0.0. I am doing a POC and hence would like to make only this small change (not as a patch, but as a major upgrade). Following is my Product.wxs. I am not including the markup for the other things like ServiceAccountDlg, Variables.wxi or en-us.wxl, since it may make it really long. Can anyone please help me? I have already tried WIX_UPGRADE_DETECTED, UPGRADINGPRODUCTCODE and so on, but not able to get it working. Every time, the service is getting uninstalled and reinstalled. I am verifying this in the following way. Once the service starts, it creates a log file in ProgramData and keeps appending it to every 5 seconds. During uninstallation of the MSI, I am deleting this log file and its folder. After the service gets reinstalled and restarts, the log file gets created again. With this I am able to figure out that the service is getting reinstalled always with the major upgrade. I only want the new file to be deployed without reinstalling the service or any other component being uninstalled. I have heard from some people that the toolset checks for changed files and reinstalls them only if there is a change. But this doesn't seem to be the case. I have tried using the Schedule attribute with various values also, but no luck. Any help will be really great. I have been trying this for so many days without any luck. Please let me know if any more info is required from me.
<?xml version="1.0" encoding="UTF-8"?>
<?include Variables.wxi ?>
<Wix xmlns="http://schemas.microsoft.com/wix/2006/wi" xmlns:util='http://schemas.microsoft.com/wix/UtilExtension'>
<Product Id="$(var.ProductCode)" Name="$(var.ProductName)" Language="!(loc.LANG)" Version="$(var.ProductVersion)" Manufacturer=" MyCompany" UpgradeCode="$(var.UpgradeCode)">
<Package InstallerVersion="200" Compressed="yes" InstallScope="perMachine" Id="*" />
<MajorUpgrade DowngradeErrorMessage="A newer version of [ProductName] is already installed." />
<!--<Upgrade Id="$(var.UpgradeCode)">
<UpgradeVersion OnlyDetect="yes" Minimum="1.0.0" Maximum="2.0.0" IncludeMinimum="yes" IncludeMaximum="yes" Property="NEWERFOUND" />
</Upgrade>-->
<InstallExecuteSequence>
<!--<RemoveExistingProducts After="InstallExecute" />
<DeleteServices>NOT UPGRADINGPRODUCTCODE</DeleteServices>-->
<!--<InstallServices>NOT UPGRADINGPRODUCTCODE,NOT WIX_UPGRADE_DETECTED</InstallServices>-->
<DeleteServices>NOT UPGRADINGPRODUCTCODE</DeleteServices>
</InstallExecuteSequence>
<Condition Message='This application only runs on Windows 7 or higher OS versions.'>
<![CDATA[Installed OR (VersionNT64 >= 601)]]>
</Condition>
<MediaTemplate />
<Property Id="MSIFASTINSTALL" Value="1"/>
<Property Id="MsiLogging" Value="v" />
<Property Id="MSIENFORCEUPGRADECOMPONENTRULES" Value="1" />
<Property Id="INSTALLDIR">
<RegistrySearch Id='MyCompanyMSISampleRegistry' Type='raw' Root='HKLM' Key='SOFTWARE\MyCompany\CustomApp' Name='INSTALLDIR' Win64='yes' />
</Property>
<WixVariable Id="WixUILicenseRtf" Value="License.rtf" />
<Feature Id='Complete' Title='Foobar 1.0' Description='The complete package.'
Display='expand' Level='1' ConfigurableDirectory='INSTALLDIR' AllowAdvertise='no' InstallDefault='local' Absent='disallow'>
<Feature Id="FileFeature" Title="File Feature" Level="1" AllowAdvertise='no' InstallDefault='local' Absent='disallow' Display='expand'>
<ComponentRef Id="FileComponent"/>
<ComponentRef Id="UpgradeFileComponent"/>
</Feature>
<Feature Id="ServiceFeature" Title="Service Feature" Level="1" AllowAdvertise='no' InstallDefault='local' Absent='disallow' Display='expand'>
<ComponentRef Id="ServiceComponent"/>
<ComponentRef Id="deleteFolder"/>
</Feature>
<Feature Id="RegistryFeature" Title="Registry Feature" Level="1" AllowAdvertise='no' InstallDefault='local' Absent='disallow' Display='expand'>
<ComponentRef Id="RegistryComponent"/>
</Feature>
<Feature Id='Documentation' Title='Description' Description='The instruction manual.' Level='2' AllowAdvertise='no' InstallDefault='followParent' Absent='disallow'>
<ComponentRef Id='Manual' />
</Feature>
</Feature>
<!--<UIRef Id="WixUI_Mondo"/>
<UIRef Id="WixUI_ErrorProgressText" />-->
<UI Id="MyWixUI_Mondo">
<UIRef Id="WixUI_Mondo" />
<DialogRef Id="ServiceAccountDlg" />
<Publish Dialog="LicenseAgreementDlg" Control="Next" Event="NewDialog" Value="ServiceAccountDlg" Order="2">LicenseAccepted = "1"</Publish>
<Publish Dialog="SetupTypeDlg" Control="Back" Event="NewDialog" Value="ServiceAccountDlg">1</Publish>
</UI>
<UIRef Id="WixUI_ErrorProgressText" />
<Icon Id="MyCompanyBanner.ico" SourceFile="Binary\MyCompanyBanner.ico" />
</Product>
<Fragment>
<Component Id='Manual' Guid='7470A2CD-B07C-4AB4-9152-8C6AA53FA0F7' Directory='INSTALLDIR'>
<File Id='Manual' Name='Manual.pdf' DiskId='1' Source='1.0.0\Manual.pdf' KeyPath='yes'>
<Shortcut Id="startmenuManual" Directory="DesktopFolder" Name="Instruction Manual" Advertise="yes" />
</File>
</Component>
</Fragment>
<Fragment>
<Directory Id="TARGETDIR" Name="SourceDir">
<Directory Id="ProgramFilesFolder">
<Directory Id="INSTALLDIR" Name="$(var.InstallFolderName)" />
</Directory>
<Directory Id="DesktopFolder" Name="Desktop" />
<Directory Id="CommonAppDataFolder">
<Directory Id="MyCompanyTestInstallerLogs" Name="MyCompanyTestInstallerLogs">
<Component Id="deleteFolder" Guid="323549D2-90B7-4D5D-8A36-EEA0ACCCC35E">
<RemoveFile Id="deleteServiceFile" Name="MyCompanyTestWinSvcLog.txt" On="both" Directory="MyCompanyTestInstallerLogs"/>
<RemoveFolder Directory="MyCompanyTestInstallerLogs" Id="MyCompanyTestInstallerLogs" On="both"/>
</Component>
</Directory>
</Directory>
</Directory>
</Fragment>
<Fragment>
<Component Id="FileComponent" Directory="INSTALLDIR" Guid="F143BE3C-48D6-4138-B4E6-5CF44773CBA5" >
<File Id="SampleTextFile.txt" Name="Sample.txt" Source="$(var.Version)\Sample.txt" KeyPath="yes">
<Shortcut Id="startmenuSampleText" Directory="DesktopFolder" Name="MyCompany MSI Sample" WorkingDirectory='INSTALLDIR' Icon='MyCompanyBanner.ico' Advertise='yes' />
</File>
</Component>
</Fragment>
<Fragment>
<Component Id="UpgradeFileComponent" Directory="INSTALLDIR" Guid="4582597C-2CE0-451E-8B89-83BA4ABCE464">
<File Id="SampleXMLFile.xml" Name="Sample.xml" Source="$(var.Version)\Sample.xml" KeyPath="yes" />
</Component>
</Fragment>
<Fragment>
<Component Id='ServiceComponent' Directory="INSTALLDIR" Guid="AEA0E53F-3D70-4010-8592-9A01FE49344D">
<util:User Domain="[DOMAIN]" Id="svcUser" Name="[USER_NAME]" Password="[PASSWORD]" LogonAsService="yes" CreateUser="no"/>
<File Id='MyCompanyTestWinSvc' Name='MyCompanyTestWinSvc.exe' Source='Binary\MyCompanyTestWinSvc.exe' KeyPath='yes' />
<ServiceInstall Id="installMyCompanyTestWinSvc" Name="MyCompanyTestWinSvc" DisplayName="MyCompany Install Test Windows Service" Start="auto" ErrorControl="normal" Type="ownProcess" Account="[DOMAIN]\[USER_NAME]" Password="[PASSWORD]" />
<ServiceControl Id="sc_MyCompanyTestWinSvc" Name="MyCompanyTestWinSvc" Start="install" Stop="both" Remove="uninstall" Wait="yes" />
<ServiceControl Id="stopAndStartIIS" Name="IISADMIN" Start="uninstall" Stop="install" Wait="yes" />
<ServiceControl Id="stopAndStartSQL" Name="MSSQLSERVER" Start="uninstall" Stop="install" Wait="yes" />
</Component>
</Fragment>
<Fragment>
<Component Id="RegistryComponent" Directory="INSTALLDIR" Guid="8D8D93A4-09F5-4511-B291-720A7BC70529">
<RegistryValue Root='HKCU' Key='Software\[Manufacturer]\[ProductName]' Type='string' Value='' KeyPath='yes' />
</Component>
</Fragment>
</Wix>
Your MajorUpgrade does not specify where it is scheduled. As the docs say, the default is after InstallValidate and "This scheduling removes the installed product entirely before installing the upgrade product. " So your major upgrade will uninstall the older product completely, deleting the service, and then install your upgrade.
So you should start by having your major upgrade scheduled afterInstallExecute, because this will behave like an update on top of the existing installed product and the reference counting should minimize disruption to your service. This means that you must follow component rules, and increment the file versions of versioned files that need replacing.
Having said that, an upgrade is always an uninstall of the older product, so the ServiceControl in that older version will run, and Remove="both" might be the problem, deleting the service during the upgrade. So the original WiX ServiceControl matters.
Also, if the component rules haven't been followed an upgrade afterInstallValidate will work fine because it uninstalls everything then installs the new product. But if the component rules have not been followed in an upgrade afterInstallExecute the service component may be getting uninstalled (because of differing component ids), and there may well be other effects of not following the rules.
And to make it clear, you do not need a condition on delete services in your new install. I would start just by sequencing the major upgrade in a better place. Also, UPGRADINGPRODUCTCODE as a condition in your new upgrade has absolutely no effect. This property is set in the older product if it is being uninstalled with an upgrade. If you want to use this property it should be in the original product that is already installed, so if it's shipped and installed it is too late to alter that code now (without a patch and so on).
A more verbose MSI log would show more detail about what is happening and in what order; specify the string as voicewarmup.
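
The two authoring points this answer raises, turned into a check over a `.wxs` source, as an added example (not part of the original answer or of the WiX toolset): it reports the effective `MajorUpgrade` schedule and any `ServiceControl` with `Remove="both"`. The sample source is constructed, the function name is hypothetical, and the check applies equally to the source of the version that is already installed.

```python
import xml.etree.ElementTree as ET

# WiX v3 authoring namespace, as used by the Product.wxs in the question.
WIX_NS = "{http://schemas.microsoft.com/wix/2006/wi}"

# Default when MajorUpgrade has no Schedule attribute.
DEFAULT_SCHEDULE = "afterInstallValidate"

# Schedules that run RemoveExistingProducts before the new files are
# installed, so the old product (and its service) is removed first.
# afterInstallValidate is the case described in the answer;
# afterInstallInitialize behaves the same way according to the WiX docs.
REMOVES_OLD_PRODUCT_FIRST = {"afterInstallValidate", "afterInstallInitialize"}


def review_upgrade(wxs_text):
    """Summarise upgrade scheduling and service removal in a .wxs source."""
    root = ET.fromstring(wxs_text)

    major = root.find(f".//{WIX_NS}MajorUpgrade")
    schedule = None
    if major is not None:
        schedule = major.get("Schedule", DEFAULT_SCHEDULE)

    # Remove="both" deletes the service on install and on uninstall; the
    # uninstall half also runs when this version is removed by an upgrade.
    remove_both = [sc.get("Name")
                   for sc in root.iter(f"{WIX_NS}ServiceControl")
                   if sc.get("Remove") == "both"]

    return {
        "schedule": schedule,
        "removes_old_product_first": schedule in REMOVES_OLD_PRODUCT_FIRST,
        "remove_both": remove_both,
    }


# Constructed sample: MajorUpgrade without Schedule, one service removed on
# both install and uninstall, one removed on uninstall only.
SAMPLE_WXS = """<Wix xmlns="http://schemas.microsoft.com/wix/2006/wi">
  <Product Id="*" Name="Sample" Language="1033" Version="2.0.0"
           Manufacturer="Example" UpgradeCode="PUT-GUID-HERE">
    <MajorUpgrade DowngradeErrorMessage="A newer version is already installed." />
  </Product>
  <Fragment>
    <Component Id="ServiceComponent" Guid="PUT-GUID-HERE">
      <ServiceControl Id="sc1" Name="SampleSvc" Start="install" Stop="both"
                      Remove="both" Wait="yes" />
      <ServiceControl Id="sc2" Name="OtherSvc" Start="install" Stop="both"
                      Remove="uninstall" Wait="yes" />
    </Component>
  </Fragment>
</Wix>"""

# Same source with the upgrade scheduled late, as the answer recommends.
SAMPLE_WXS_LATE = SAMPLE_WXS.replace(
    "<MajorUpgrade ", '<MajorUpgrade Schedule="afterInstallExecute" ')


if __name__ == "__main__":
    print(review_upgrade(SAMPLE_WXS))
    print(review_upgrade(SAMPLE_WXS_LATE))
```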
I added this to my <InstallExecuteSequence>
<!-- http://stackoverflow.com/questions/15965539/how-to-only-stop-and-not-uninstall-windows-services-when-major-upgrade-in-wix don't change service config on upgrade -->
<DeleteServices>NOT UPGRADINGPRODUCTCODE</DeleteServices>
<InstallServices>NOT WIX_UPGRADE_DETECTED</InstallServices>
Seemed to work for me but I don't use this anymore due to changes in the product. You have to be sure you won't be changing the configuration of the service between versions since when you do change the configuration you do need to uninstall and install the services during the upgrade.
Services only get deleted on real uninstall (Rob [answerer of commented question] notes you don't need to condition around the Remove state since the install/uninstall state of the services is noted in the components).
And we only install the services on the first install.

How to create new tab with buttons in word 2016

I am new to office 365. I have developed one taskpane add-in (testaddin) for word 2016 using JavaScript api. In word 2016, I want to create new tab (testtab) and add a button to it. On clicking that button, I need to display my testaddin in taskpane. I have got sample manifest file here. https://github.com/OfficeDev/Office-Add-in-Commands-Samples/tree/master/Word. After downloading files where to place the manifest file.
I already have one shared directory which contains my testaddin manifest file and its loading in taskpane.
Any help will be really appreciated.
The manifest you refer from GitHub is a runnable one. We can modify it based on our requirement and deploy it into the share folder too. For example, to create a new tab on the ribbon instead of using the built-in tab, we need to use the “CustomTab” instead of “OfficeTab”.
Here are the detailed steps:
Modify the manifest like below (you need to modify the source location and images based on your business requirement)
<?xml version="1.0" encoding="UTF-8"?>
<OfficeApp xmlns="http://schemas.microsoft.com/office/appforoffice/1.1" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:bt="http://schemas.microsoft.com/office/officeappbasictypes/1.0" xmlns:ov="http://schemas.microsoft.com/office/taskpaneappversionoverrides" xsi:type="TaskPaneApp">
<!-- BeginBasicSettings: Add-in metadata, used for all versions of Office unless override provided -->
<!--IMPORTANT! Id must be unique for your add-in, if you clone this manifest ensure that you change this id to your own GUID -->
<Id>651a32a9-ab8a-4579-ac9f-df1a11a64e54</Id>
<!--Version. Updates from the store only get triggered if there is a version change -->
<Version>1.0.0.0</Version>
<ProviderName>Contoso</ProviderName>
<DefaultLocale>en-US</DefaultLocale>
<!-- The display name of your add-in. Used on the store and various placed of the Office UI such as the add-ins dialog -->
<DisplayName DefaultValue="Citations" />
<Description DefaultValue="Citations Example"/>
<!--Icon for your add-in. Used on installation screens and the add-ins dialog -->
<IconUrl DefaultValue="https://i.imgur.com/LltG56v.png" />
<!--Todo: Add requirement sets and remove commenting of high res icon -->
<!--The HighResolutionIcon element is commented because it is valid only for 1.1 (or above) versions of the manifest.
To use this property, convert this manifest to version 1.1 by adding an API set in the Activation tab of the manifest editor.-->
<!--<HighResolutionIconUrl DefaultValue="https://i.imgur.com/MPuvMiq.png" />-->
<!--Domains that will be allowed when navigating. For example, if you use ShowTaskpane and then have an href link, navigation will only be allowed if the domain is on this list -->
<AppDomains>
<AppDomain>AppDomain1</AppDomain>
<AppDomain>AppDomain2</AppDomain>
<AppDomain>AppDomain3</AppDomain>
</AppDomains>
<!--EndBasicSettings-->
<!--BeginTaskpaneMode integration. Office 2013 and any client that doesn't understand commands will use this section.
This section will also be used if there are no VersionOverrides -->
<Hosts>
<Host Name="Document" />
</Hosts>
<DefaultSettings>
<SourceLocation DefaultValue="https://addinwithfabric.azurewebsites.net/index.html" />
</DefaultSettings>
<!--EndTaskpaneMode integration -->
<Permissions>ReadWriteDocument</Permissions>
<!--BeginAddinCommandsMode integration-->
<VersionOverrides xmlns="http://schemas.microsoft.com/office/taskpaneappversionoverrides" xsi:type="VersionOverridesV1_0">
<!-- Optional, override the description of the Add-in -->
<Description resid="residToolTip" />
<!--Required, hosts node. Each host can have a different set of commands -->
<Hosts>
<!--Specific host. Workbook=Excel, Document=Word, Presentation=PowerPoint -->
<Host xsi:type="Document">
<!-- Form factor. Currenly only DesktopFormFactor is supported. We will add TabletFormFactor and PhoneFormFactor in the future-->
<DesktopFormFactor>
<!--GetStarted information used on the callout that appears when installing the add-in.
Ensure you have build 16.0.6769 or above for GetStarted section to work-->
<GetStarted>
<!--Title of the Getting Started callout. resid points to a ShortString resource -->
<Title resid="Contoso.GetStarted.Title"/>
<!--Description of the Getting Started callout. resid points to a LongString resource -->
<Description resid="Contoso.GetStarted.Description"/>
<!--Not used right now but you need to provide a valid resource. We will add code in the future to consume this URL.
resid points to a Url resource -->
<LearnMoreUrl resid="Contoso.GetStarted.LearnMoreUrl"/>
</GetStarted>
<!--Function file is an html page that includes the javascript where functions for ExecuteAction will be called.
Think of the FunctionFile as the "code behind" ExecuteFunction
This sample doesn't use this file, just adding the element for reference-->
<!--PrimaryCommandSurface==Main Office Ribbon-->
<ExtensionPoint xsi:type="PrimaryCommandSurface">
<!--Use OfficeTab to extend an existing Tab. Use CustomTab to create a new tab -->
<!-- Documentation includes all the IDs currently tested to work -->
<CustomTab id="Contoso.Citations">
<!--Group. Ensure you provide a unique id. Recommendation for any IDs is to namespace using your companyname-->
<Group id="Contoso.Citations.Group1Id1">
<!--Label for your group. resid must point to a ShortString resource -->
<Label resid="residLabel4" />
<!--Icons. Required sizes 16,31,80, optional 20, 24, 40, 48, 64. Strongly recommended to provide all sizes for great UX -->
<!--Use PNG icons and remember that all URLs on the resources section must use HTTPS -->
<Icon>
<bt:Image size="16" resid="icon1_16x16" />
<bt:Image size="32" resid="icon1_32x32" />
<bt:Image size="80" resid="icon1_80x80" />
</Icon>
<!--Control. It can be of type "Button" or "Menu" -->
<Control xsi:type="Button" id="Button3Id1">
<!--Label for your button. resid must point to a ShortString resource -->
<Label resid="residLabel3" />
<Supertip>
<!--ToolTip title. resid must point to a ShortString resource -->
<Title resid="residLabel" />
<!--ToolTip description. resid must point to a LongString resource -->
<Description resid="residToolTip" />
</Supertip>
<Icon>
<bt:Image size="16" resid="icon1_16x16" />
<bt:Image size="32" resid="icon3_32x32" />
<bt:Image size="80" resid="icon1_80x80" />
</Icon>
<!--This is what happens when the command is triggered (E.g. click on the Ribbon). Supported actions are ExecuteFuncion or ShowTaskpane-->
<Action xsi:type="ShowTaskpane">
<!--Provide a url resource id for the location that will be displayed on the taskpane -->
<SourceLocation resid="residUnitConverterUrl" />
</Action>
</Control>
</Group>
<Label resid="residLabel4" />
</CustomTab>
</ExtensionPoint>
</DesktopFormFactor>
</Host>
</Hosts>
<Resources>
<bt:Images>
<bt:Image id="icon1_16x16" DefaultValue="https://i.imgur.com/xV3upTT.png">
<bt:Override Locale="ja-jp" Value="https://i.imgur.com/xV3upTT.png" />
</bt:Image>
<bt:Image id="icon1_32x32" DefaultValue="https://i.imgur.com/kBw0iKX.png">
<bt:Override Locale="ja-jp" Value="https://i.imgur.com/kBw0iKX.png" />
</bt:Image>
<bt:Image id="icon1_80x80" DefaultValue="https://i.imgur.com/xV3upTT.png">
<bt:Override Locale="ja-jp" Value="https://i.imgur.com/xV3upTT.png" />
</bt:Image>
<bt:Image id="icon2_32x32" DefaultValue="https://i.imgur.com/LltG56v.png">
</bt:Image>
<bt:Image id="icon3_32x32" DefaultValue="https://i.imgur.com/6WiJTG0.png">
</bt:Image>
</bt:Images>
<bt:Urls>
<bt:Url id="residUnitConverterUrl" DefaultValue="https://addinwithfabric.azurewebsites.net/index.html">
</bt:Url>
<!--LearnMore URL currently not used -->
<bt:Url id="Contoso.GetStarted.LearnMoreUrl" DefaultValue="https://odsample.azurewebsites.net/Pages/GetStarted.html">
</bt:Url>
</bt:Urls>
<bt:ShortStrings>
<bt:String id="residLabel" DefaultValue="Get Data">
<bt:Override Locale="ja-jp" Value="JA-JP Multiple Buttons" />
</bt:String>
<bt:String id="residLabel2" DefaultValue="Save Data">
<bt:Override Locale="ja-jp" Value="JA-JP Multiple Buttons" />
</bt:String>
<bt:String id="residLabel3" DefaultValue="Search Citation">
<bt:Override Locale="ja-jp" Value="JA-JP Multiple Buttons" />
</bt:String>
<bt:String id="residLabel4" DefaultValue="Web Citations">
<bt:Override Locale="ja-jp" Value="JA-JP Multiple Buttons" />
</bt:String>
<bt:String id="residLabel5" DefaultValue="Another Command">
<bt:Override Locale="ja-jp" Value="JA-JP Multiple Buttons" />
</bt:String>
<bt:String id="Contoso.GetStarted.Title" DefaultValue="Citation Sample Loaded Successfully">
<bt:Override Locale="ja-jp" Value="JA-JP Get Started Title" />
</bt:String>
</bt:ShortStrings>
<bt:LongStrings>
<bt:String id="residToolTip" DefaultValue="Multiple Buttons Tooltip">
<bt:Override Locale="ja-jp" Value="JA-JP Multiple Buttons Tooltip" />
</bt:String>
<bt:String id="Contoso.GetStarted.Description" DefaultValue="Get going by opening the REFERENCES tab on the Ribbon then click WEB CITATIONS>SEARCH CITATION button">
<bt:Override Locale="ja-jp" Value="JA-JP Get Started Title" />
</bt:String>
</bt:LongStrings>
</Resources>
</VersionOverrides>
</OfficeApp>
Copy the manifest to the share folder which you have configured as “Trusted Catalog” for Word.
Insert the apps for Office from the share folder; you are able to see the new tab “Web Citations” on the ribbon.
Please make sure to follow the documentation. The manifest you downloaded should not require any changes; just to test it, make sure to follow the links below:
Add-In Commands intro: http://dev.office.com/docs/add-ins/design/add-in-commands
Check out the samples: https://github.com/OfficeDev/Office-Add-in-Commands-Samples/blob/master/README.md
Test it using a network share: https://dev.office.com/docs/add-ins/publish/create-a-network-shared-folder-catalog-for-task-pane-and-content-add-ins
If you follow these documents you should be able to test. Please let me know if the information on those pages is not useful, or how to improve it!
Thanks!

What is the difference between customErrors and httpErrors?

What is the difference between the customErrors and httpErrors sections of the web.config file in ASP.NET MVC applications?
What are the guidelines for using each section?
*Updated April 2016
The customErrors attribute is used when the .NET code is throwing an exception (404, 403, 500 etc.) and the httpErrors attribute is used when IIS itself is throwing an exception.
/myfakeextensionslessurl --> httpErrors 404
/myfakeaspsx.aspx --> customErrors 404
/myfakeimage.jpg --> httpErrors 404
/throw500.apx --> customErrors 500
/throw500 --> customErrors 500
There are a lot of pitfalls trying to configure this correctly. So if you are looking for a quick example, the best 2 options you have are:
Example 1: Using html pages
<system.web>
  <customErrors mode="RemoteOnly" defaultRedirect="/Error500.html" redirectMode="ResponseRewrite">
    <error statusCode="403" redirect="/Error403.html" />
    <error statusCode="404" redirect="/Error404.html" />
    <error statusCode="500" redirect="/Error500.html" />
  </customErrors>
</system.web>
<system.webServer>
  <httpErrors errorMode="DetailedLocalOnly" existingResponse="Auto">
    <remove statusCode="403" />
    <remove statusCode="404" />
    <remove statusCode="500" />
    <error statusCode="403" responseMode="File" path="Error403.html" />
    <error statusCode="404" responseMode="File" path="Error404.html" />
    <error statusCode="500" responseMode="File" path="Error500.html" />
  </httpErrors>
</system.webServer>
Example 2: using aspx pages
<system.web>
  <customErrors mode="RemoteOnly" defaultRedirect="/Error500.html" redirectMode="ResponseRewrite">
    <error statusCode="403" redirect="/Error403.aspx" />
    <error statusCode="404" redirect="/Error404.aspx" />
    <error statusCode="500" redirect="/Error500.aspx" />
  </customErrors>
</system.web>
<system.webServer>
  <httpErrors errorMode="DetailedLocalOnly" existingResponse="Auto">
    <remove statusCode="403" />
    <remove statusCode="404" />
    <remove statusCode="500" />
    <error statusCode="403" responseMode="ExecuteURL" path="Error403.aspx" />
    <error statusCode="404" responseMode="ExecuteURL" path="Error404.aspx" />
    <error statusCode="500" responseMode="ExecuteURL" path="Error500.aspx" />
  </httpErrors>
</system.webServer>
And in the aspx error pages you need to do something like this (example 404 page):
<%
Response.StatusCode = 404;
Response.TrySkipIisCustomErrors = true;
%>
Note: Using extensionless URLs in the customErrors section is not possible (without hacks)!
One workaround is to disable custom errors and let HTTP errors handle the custom page. A friend has created such a setup; when I find some time, I will share the code.
Background
A good custom error page will:
Show the real exception when you visit the problem page locally
Show a custom page when you visit the problem page remotely
Will not redirect, but simply show the error page content (for SEO reasons)
Will show the correct status code
So to clarify some options in our config:
<customErrors mode="RemoteOnly". You can specify here: On, Off, RemoteOnly.
On = Always show custom error pages
Off = Always show the real error
RemoteOnly = Show the error locally, but show the custom error page remotely.
So we want RemoteOnly for statement 1
<customErrors redirectMode="ResponseRewrite". You can specify here: ResponseRedirect or ResponseRewrite. The ResponseRedirect mode will redirect the error page to the custom error page. For a link crawler (SEO), this will result in 302 -> 500, but you want the link crawler to get a 500 error.
<httpErrors errorMode="DetailedLocalOnly". This is the equivalent of the customErrors mode. Options that you have: Custom, Detailed, DetailedLocalOnly.
A good blog post which helped me a lot is: http://benfoster.io/blog/aspnet-mvc-custom-error-pages
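The criteria listed in the answer above (real error only locally, no redirect, custom page for remote clients) can be checked mechanically against a web.config. The following is an added example, not code from the answer; the function name, the finding texts and both sample configs are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: real errors reach every client.
WEAK_CONFIG = """<configuration>
  <system.web><customErrors mode="Off" /></system.web>
  <system.webServer><httpErrors errorMode="Detailed" /></system.webServer>
</configuration>"""

# Constructed sample: custom pages are served, but through a redirect.
REDIRECT_CONFIG = """<configuration>
  <system.web>
    <customErrors mode="RemoteOnly" defaultRedirect="/Error500.html" />
  </system.web>
  <system.webServer>
    <httpErrors errorMode="DetailedLocalOnly" existingResponse="Auto" />
  </system.webServer>
</configuration>"""


def audit_error_pages(config_xml):
    """Return findings for the error-page settings of a web.config string."""
    root = ET.fromstring(config_xml)
    findings = []

    custom = next(root.iter("customErrors"), None)
    if custom is not None:
        # ASP.NET defaults: mode="RemoteOnly", redirectMode="ResponseRedirect".
        mode = custom.get("mode", "RemoteOnly").lower()
        rewrite = custom.get("redirectMode", "ResponseRedirect").lower() == "responserewrite"
        has_pages = custom.get("defaultRedirect") or custom.find("error") is not None
        if mode == "off":
            findings.append("customErrors mode=Off: remote clients see the real error")
        elif has_pages and not rewrite:
            findings.append("customErrors redirects (302) instead of rewriting the response")

    http = next(root.iter("httpErrors"), None)
    # IIS default when errorMode is absent: "DetailedLocalOnly".
    if http is not None and http.get("errorMode", "").lower() == "detailed":
        findings.append("httpErrors errorMode=Detailed: remote clients see detailed IIS errors")
    return findings
```
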
Disclaimer: This is from my experience and not proven fact.
Both are used to define error handling for a website, but different software refers to different config elements.
customErrors are a legacy (backwards compatible) element, used by Visual Studio Development Server (aka. VSDS or Cassini).
httpErrors are the new element which is only used by IIS7.
This highlights the possible problem when developing ASP.NET websites while using VSDS instead of the local IIS.
Also, refer to this post by myself about how to handle error messages with IIS7, if you wish to have full control of the error output.
Summary:
Developing in VSDS - use customErrors
Publishing the site to IIS6 - use customErrors
Publishing the site to IIS7 - use httpErrors.
And if you develop with VSDS but publish to IIS7, then I guess you'll need both.
<customErrors> versus <httpErrors>
<customErrors>
still available in IIS7+
specify custom error pages for requests handled by ASP.NET
only handles requests within the ASP.NET application
static files such as HTML files or directory (“friendly”) URLs are not handled
<httpErrors>
introduced in IIS7
specify custom error pages for requests handled by IIS
handles requests within the ASP.NET application AND/OR handles requests outside the ASP.NET application *
all files and URLs are handled *
Note: it is no longer necessary to use customErrors
Quoted source: Custom 404 and error pages in ASP.NET (excellent article)
ExecuteURL serves dynamic content such as an .aspx page (the path value has to be a server relative URL):
<system.webServer>
  <httpErrors errorMode="Custom" existingResponse="Auto" defaultResponseMode="ExecuteURL" >
    <remove statusCode="404"/>
    <error statusCode="404" responseMode="ExecuteURL" path="/error.aspx" />
  </httpErrors>
</system.webServer>
File serves a custom error file, such as a .html page:
<system.webServer>
  <httpErrors errorMode="Custom" existingResponse="Auto" defaultResponseMode="File" >
    <remove statusCode="404"/>
    <error statusCode="404" path="404.html" />
  </httpErrors>
</system.webServer>
Reference: HTTP Errors (www.iis.net)
for more details, read the www.iis.net link above
The errors sections in web.config provide a custom HTTP error handling approach. There are two sections: customErrors inside the system.web section and httpErrors inside the system.webServer section (as given below).
customErrors:
This section was in use before IIS 7 was introduced. IIS 6, 5 and earlier fully use this section for handling custom HTTP errors according to the HTTP status code.
httpErrors:
IIS 7 and later use this section as well as the customErrors section to handle custom HTTP errors based on file extension: if the requested page's extension is registered with an ISAPI DLL (.aspx, .ashx, .asmx, .svc etc.), like index.aspx, then IIS picks up the setting from the customErrors section; otherwise it picks up the setting from httpErrors (IIS 7 hosted mode must be set to integrated mode, not classic).
Below are examples for 404 error handling; check the link:
httperrors vs customerrors in webconfig, iis, asp.net

How can I set the Secure flag on an ASP.NET Session Cookie?

How can I set the Secure flag on an ASP.NET Session Cookie, so that it will only be transmitted over HTTPS and never over plain HTTP?
In the <system.web> element, add the following element:
<httpCookies requireSSL="true" />
However, if you have a <forms> element in your system.web\authentication block, then this will override the setting in httpCookies, setting it back to the default false.
In that case, you need to add the requireSSL="true" attribute to the forms element as well.
So you will end up with:
<system.web>
  <authentication mode="Forms">
    <forms requireSSL="true">
      <!-- forms content -->
    </forms>
  </authentication>
</system.web>
See here and here for MSDN documentation of these elements.
There are two ways. The httpCookies element in web.config allows you to turn on requireSSL, which transmits all cookies, including the session cookie, over SSL only; the other is inside forms authentication. But if you turn on SSL on httpCookies, you must also turn it on inside the forms configuration too.
Edit for clarity:
Put this in <system.web>
<httpCookies requireSSL="true" />
Things get messy quickly if you are talking about checked-in code in an enterprise environment. We've found that the best approach is to have the web.Release.config contain the following:
<system.web>
  <compilation xdt:Transform="RemoveAttributes(debug)" />
  <authentication>
    <forms xdt:Transform="Replace" timeout="20" requireSSL="true" />
  </authentication>
</system.web>
That way, developers are not affected (running in Debug), and only servers that get Release builds are requiring cookies to be SSL.
Building upon @Mark D's answer I would use web.config transforms to set all the various cookies to Secure. This includes setting anonymousIdentification cookieRequireSSL and httpCookies requireSSL.
To that end you'd set up your web.Release.config as:
<?xml version="1.0"?>
<configuration xmlns:xdt="http://schemas.microsoft.com/XML-Document-Transform">
  <system.web>
    <httpCookies xdt:Transform="SetAttributes(httpOnlyCookies)" httpOnlyCookies="true" />
    <httpCookies xdt:Transform="SetAttributes(requireSSL)" requireSSL="true" />
    <anonymousIdentification xdt:Transform="SetAttributes(cookieRequireSSL)" cookieRequireSSL="true" />
  </system.web>
</configuration>
If you're using Roles and Forms Authentication with the ASP.NET Membership Provider (I know, it's ancient) you'll also want to set the roleManager cookieRequireSSL and the forms requireSSL attributes as secure too. If so, your web.release.config might look like this (included above plus new tags for membership API):
<?xml version="1.0"?>
<configuration xmlns:xdt="http://schemas.microsoft.com/XML-Document-Transform">
  <system.web>
    <httpCookies xdt:Transform="SetAttributes(httpOnlyCookies)" httpOnlyCookies="true" />
    <httpCookies xdt:Transform="SetAttributes(requireSSL)" requireSSL="true" />
    <anonymousIdentification xdt:Transform="SetAttributes(cookieRequireSSL)" cookieRequireSSL="true" />
    <roleManager xdt:Transform="SetAttributes(cookieRequireSSL)" cookieRequireSSL="true" />
    <authentication>
      <forms xdt:Transform="SetAttributes(requireSSL)" requireSSL="true" />
    </authentication>
  </system.web>
</configuration>
Background on web.config transforms here: http://go.microsoft.com/fwlink/?LinkId=125889
Obviously this goes beyond the original question of the OP but if you don't set them all to secure you can expect that a security scanning tool will notice and you'll see red flags appear on the report. Ask me how I know. :)
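The answers above note that each cookie family has its own attribute and that a `<forms>` element without requireSSL falls back to false even when httpCookies is set. The following check for that gap is an added example, not code from any of the answers; the function name, the attribute table and the sample config are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# (element, attribute) pairs that each control the Secure flag of one cookie
# family; every one defaults to false when the attribute is missing.
SECURE_ATTRS = [
    ("httpCookies", "requireSSL"),
    ("forms", "requireSSL"),
    ("roleManager", "cookieRequireSSL"),
    ("anonymousIdentification", "cookieRequireSSL"),
]

# Constructed sample: httpCookies is set, but <forms> silently stays at false.
SAMPLE = """<configuration>
  <system.web>
    <httpCookies requireSSL="true" httpOnlyCookies="true" />
    <authentication mode="Forms">
      <forms loginUrl="~/Account/Login" timeout="20" />
    </authentication>
    <roleManager enabled="true" cookieRequireSSL="true" />
  </system.web>
</configuration>"""


def insecure_cookie_settings(config_xml):
    """Return 'element@attribute' for each cookie setting that does not
    force the Secure flag in the given web.config string."""
    system_web = next(ET.fromstring(config_xml).iter("system.web"), None)
    if system_web is None:
        return []
    missing = []
    for tag, attr in SECURE_ATTRS:
        for element in system_web.iter(tag):
            if element.get(attr, "false").lower() != "true":
                missing.append(f"{tag}@{attr}")
    # No <httpCookies> at all: the session cookie is issued without Secure.
    if system_web.find("httpCookies") is None:
        missing.append("httpCookies@requireSSL")
    return missing
```

Run it on the transformed (published) web.config rather than on web.Release.config, which holds only the transform deltas.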
secure - This attribute tells the browser to only send the cookie if the request is being sent over a secure channel such as HTTPS. This will help protect the cookie from being passed over unencrypted requests. If the application can be accessed over both HTTP and HTTPS, then there is the potential that the cookie can be sent in clear text.