none
SharePoint 2013 + MS Office Web Apps (OWAps) + Google Chrome = Mixed Content Error RRS feed

  • Question

  • Good day.

    I have a SharePoint 2013 Server (with latest updates) and MS Office Web Apps (OWAps) attached as

    New-OfficeWebAppsFarm -ExternalUrl "https://webapp.company.com" -CertificateName "webapp.company.com" -EditingEnabled
    Set-SPWOPIZone internal-https
    New-SPWOPIBinding -ServerName webapp.company.com

    All works fine, all MS Office documents are be opened and edited in OWAps in all browsers exept one...

    The problem only with с Google Chrome: when document is try to open for edit, the browser blocked with shield sign

    and with error in webdevtools console:

    Mixed Content: The page at 'https://intranet.company.com/xxx.docx&action=default' was loaded over HTTPS, but requested an insecure resource 'ms-word:ofe|u|https://intranet.company.com/xxx.docx'. This request has been blocked; the content must be served over HTTPS.

    Im understand, that is so Chrome's problem, but is any solutions for this?


    • Edited by Allan Stark Monday, January 19, 2015 11:57 AM
    Monday, January 19, 2015 11:57 AM

All replies

  • The problem is that you defined an external url for the Office Web Apps farm and then set the zone to be internal-https.  If you are going to use an external URL on the Office Web Apps farm you should register it with SharePoint using external-https.

    Paul Stork SharePoint Server MVP
    Principal Architect: Blue Chip Consulting Group
    Blog: http://dontpapanic.com/blog
    Twitter: Follow @pstork
    Please remember to mark your question as "answered" if this solves your problem.

    Monday, January 19, 2015 1:33 PM
  • The problem is that you defined an external url for the Office Web Apps farm and then set the zone to be internal-https.  If you are going to use an external URL on the Office Web Apps farm you should register it with SharePoint using external-https.

    Paul Stork SharePoint Server MVP
    Principal Architect: Blue Chip Consulting Group
    Blog: http://dontpapanic.com/blog
    Twitter: Follow @pstork
    Please remember to mark your question as "answered" if this solves your problem.

    Ok, I am changed spwopizone to "external-https", re-build spwopibinding and restart iis, but the error steel be.
    Monday, January 19, 2015 6:56 PM
  • Hi,

    As I understand, you encountered the issue when you use Google Chrome.

    If browser detects content on the page coming from insecure (http) channels, the browser will prevent the content from loading. Chrome and Firefox protect your information through blocking the content. The article is about Browser Security and Mixed Content, you can go to know the cause about the issue.

    You can check these things below:

    1. Open the document by chrome in another computer to see if the same issue will appear.

    2. Is there some errors in the page? And check ULS log.

    3. Use HTTP diagnostic tool to retrieve your URLs. The article gives you the details about it.

    4.  Click on the 'shield' icon in the top-left corner of the address bar and select 'Disable Protection on This Page'.

    Best regards,

    Sara Fan

    Wednesday, January 21, 2015 8:43 AM
    Moderator
  • Hi,

    As I understand, you encountered the issue when you use Google Chrome.

    If browser detects content on the page coming from insecure (http) channels, the browser will prevent the content from loading. Chrome and Firefox protect your information through blocking the content. The article is about Browser Security and Mixed Content, you can go to know the cause about the issue.

    You can check these things below:

    1. Open the document by chrome in another computer to see if the same issue will appear.

    2. Is there some errors in the page? And check ULS log.

    3. Use HTTP diagnostic tool to retrieve your URLs. The article gives you the details about it.

    4.  Click on the 'shield' icon in the top-left corner of the address bar and select 'Disable Protection on This Page'.

    Best regards,

    Sara Fan

    Good day!

    Thanks for reply.

    1. Please, see my first post (start of topic). It's a problem only in Google Chrome, 32/64 bit, latest versions.

    2. Similarly.

    3. Similarly, in first post I take a sample from Chrome's Developers tools.

    4. There is no current option 'Disable protecrion on This Page', only 'Load unsafe script'. In browser settings I did not find any useful tweaks. Only one method - run browser with '--allow-running-insecure-content' option, but I have more than 500 users...

    Friday, January 23, 2015 10:11 AM
  • It's look like a Google Chrome's bug...

    https://code.google.com/p/chromium/issues/detail?id=318788

    Tuesday, February 10, 2015 2:46 PM