When using Hoxhunt button in OWA that is hosted on an on-premise Exchange Server 2019, 2016 or 2013, users may be presented with a dialog asking to trust the mail server where their Outlook Web Access is hosted.
Error description
An embedded page at appsforoffice.microsoft.com says
The domain [mail.example.com] is acting as Microsoft Office and can run Office add-ins, which may access your personal data. If you trust the domain to run as Office and access your data, click OK to continue.
Explanation
According to Microsoft, this behaviour is by design.
When you block third-party cookies in a web browser, you may be continually prompted to trust a particular add-in even though you keep selecting the option to trust it. This issue occurs also in privacy window modes (such as InPrivate mode in Microsoft Edge). This issue occurs because browser restrictions prevent the response from being recorded.
Resolution
To record the response and enable the add-in, you must enable third-party cookies for the domain that's hosting OWA or Office Online Server in the browser settings. To enable this setting, refer to the specific support documentation for the browser.