I developed an Excel Add-in using JavaScript API (office.js). Then, I'm using an Asp.Net MVC at the server-side. This works fine on excel desktop, but custom functions don't work in Excel on the web. When I inspect the task pane it shows these errors:

In Excel on the Web, the task pane and the commands work fine. The CORS problem in functions.json is strange because this archive belongs to the dist folder.
I see these documents and tried to modify the HTTP response headers but it doesn't work.
ewa-refused-to-get-unsafe-header-quotxendsessionquot
OBS: Everything is hosted at the same domain
Can you give me some direction?