4,124 questions
[Teams custom tab] Iframe blocking scripts/requests redirects - ERR_TO_MANY_REDIRECTS
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 39%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPN%3C/text%3E%3C/svg%3E)
Przemyslaw Noskowicz
0
Reputation points
Hello,
We have been using a custom Microsoft Teams application for several years now. This app renders a web application page inside an iframe (custom tab), and before rendering the actual content, it performs silent authentication.
For the silent authentication mechanism, we are using the following libraries:
- jQuery (3.1.1)
- MicrosoftTeams.js (1.6.0)
- adal.js (1.0.18)
The flow is as follows: The iframe in the Teams custom tab loads a web application page, which is responsible for performing silent authentication. Once the token is obtained, the page redirects the user (with the token) to the final destination page. This setup has been working fine for years, but recently it stopped functioning — without any changes on our side.
We’re currently facing the following issues:
- Scripts and CSS files are no longer being loaded in the iframe view.
- Redirects initiated from within the iframe no longer work.
- This happens regardless of whether the script is hosted locally within the application or is publicly accessible.
It appears that a new policy or restriction has been introduced that blocks script execution and/or any kind of redirection within iframes. This behavior was not present previously, and the application has been working reliably for several years.
Can someone help us investigate this issue or confirm if any recent policy or platform-level changes could be causing this? Below are the attachments.
- The
adal.jsscript is included locally from within the application.
- The
adal.jsscript is included from a public URL. - The message displayed by the custom tab when attempting to launch it.
- Application console
Thank you in advance for any help or guidance you can provide!
Microsoft Teams | Development
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(112.00000000000001, 85%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENM%3C/text%3E%3C/svg%3E)
Nivedipa-MSFT 3,646 Reputation points Microsoft External Staff Moderator2025-03-25T09:22:56.57+00:00 @Przemyslaw Noskowicz - Thank you for bringing this issue to our attention.
Could you please share your app manifest zip to test at our end? -
Przemyslaw Noskowicz 0 Reputation points
2025-03-28T13:05:43.8833333+00:00 @Nivedipa-MSFT any updates/tips that can help us to unlock our app?
-
Nivedipa-MSFT 3,646 Reputation points Microsoft External Staff Moderator
2025-04-03T06:49:55.07+00:00 @Przemyslaw Noskowicz - Could you please share your app manifest zip to investigate further?
Sign in to comment
Sign in to answer