Hi,
I have a Web app which I want to test from a Web server running using "0.0.0.0" so it's accessible from localhost and intranet hostname. This app makes a XMLHttpRequest (no credentials) to an external HTTPS domain and it works fine with Chrome and Firefox (and also Safari on Mac OS X),
I recall this has worked before with IE 11 (our minimal browser platform for this app) and Project Spartan (aka Edge) but now we get the following error with XMLHttpRequest on IE11 and Edge (Windows 10 release) for the Web app using "localhost" and the intranet hostname:
File: app.html SEC7118: XMLHttpRequest for https://<external addr> required Cross Origin Resource Sharing (CORS). File: app.html SEC7119: XMLHttpRequest for https://<external addr> File: app.html SCRIPT7002: XMLHttpRequest: Network Error 0x80070005, Access is denied.
Note that the preflight succeeds and the Origin header in the request matches the Access-Control-Allow-Origin header in the preflight response. The question is why do we still get the above Network Error if the preflight works?
We solved access for Web app using localhost address by changing the setting "Access data sources across domains" to "Enable" under Local Intranet zone in the Internet Options > Security tab.
However this setting does not apply when we access the app using the local intranet hostname!
I've tried many solutions to this and the following did not work:
* We have tried adding "http://<intranet hostname>" to the Local intranet zone
* Use HTTPS for the local Web server
* Add external site and localhost to Trusted sites group
What is general practice here for developers wanting to test their Web apps locally using IE?
It seems that the setup is unnecessarily complicated when compared to development using Chrome and Firefox.
Regards,
Andy