Excel
A family of Microsoft spreadsheet software with tools for analyzing, charting, and communicating data.
2,073 questions
Handling office.js worksheet import issues with "extension hardening" level 2
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(240, 67%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETR%3C/text%3E%3C/svg%3E)
Thiemo Reichard
0
Reputation points
Hello,
we stumbled upon a problem with our Excel Add-in recently and are a little stumped. We are creating excel worksheets using Excel.createWorkbook() and insertWorksheetsFromBase64() to import data from a third party API into excel.
For security reasons however, some clients prefer to set their local policies "Force file extension to match file type" to strict (2; always match file type), within the excel security policies, which breaks the office.js functions used here. This issue is always present and seems to be by design judging from the answers in this Github issue.
Unfortunately, setting the policy to 1 (Allow different, but warn) is not enforceable in this case. Are there other options to facilitate similar functionality in the javascript API which does not trigger this security behavior?
To reproduce this issue, any add-in using the mentioned functionality with a strict extension hardening policy (level 2) should be sufficient, regardless of office.js-version or excel version as long as they are compatible (older office.js versions might outright crash the application; newer versions handle the exception).
The goal would be to enable worksheet creation from xlsx-documents which should not trigger the extension hardening policy, either by working around the security-policy or by using alternative functions that conform to the policy.
Thank you in advance!
Excel
JavaScript API
JavaScript API
An Office service that supports add-ins to interact with objects in Office client applications.
1,019 questions
Office Development
Office Development
Office: A suite of Microsoft productivity software that supports common business tasks, including word processing, email, presentations, and data management and analysis.Development: The process of researching, productizing, and refining new or existing technologies.
4,141 questions
{count} votes
-
Emi Zhang-MSFT 26,926 Reputation points Microsoft Vendor2025-01-07T08:54:42.1433333+00:00 Hi,
You need code to help you implement your needs, I added the Office Development tag. The reason why we recommend posting appropriately is you will get the most qualified pool of respondents, and other partners who read the forums regularly can either share their knowledge or learn from your interaction with us. Thank you for your understanding.
Sign in to comment
Sign in to answer