Background

I am attempting to develop an AngularJS app that is to be hosted as 'offline html' as part of the Resco MobileCRM software. This software provides offline access to CRM data via its own javascript libraries and this is working fine. I am also able to get a very simple angularjs application working, in terms of retrieving and displaying the data.

The AngularJS application is uploaded to the CRM using the Resco interface and then is download to each client machine via the resco software. The actual files end up in the users AppData folder on each client machine.

Problem

When I introduced routing to the angular app, either using ngRoute or ui-router, I am getting Access Denied errors. The resco software uses the underlying browser, which in my case is IE11. I have narrowed down the error to when angular is attempting to load the partials for the routes.

The offending code is below (angular.js v1.3.15 line 9805)

  xhr.open(method, url, true);

From my research, it seems like IE believes I am attempting a CORS request, however I am just attempting to load a file from disk. Various posts suggest I add the site to 'Trusted Sites', however I am not actually accessing another site. I also cannot host this on a web server as the whole purpose is to have this angular application accessible offline within the Resco MobileCRM application

I also get the same error if I navigate to the AppData folder and run the angularjs application directly from there (i.e. not in the resco application).

Other posts have suggested that I need to replace the XMLHttpRequest created by Angular with XDomainRequest but I am reluctant to change the angular library, especially if I don't understand why.

Would appreciate it if anyone could shed some light on why this is happening and how to fix it.

I have confirmed that this is not possible on any of the browsers. You cannot make xhr requests to files served locally from disk.

I got around this problem for directives by loading my 'partials' in to script tags and referring to the id of these script tags in the directives.

I did not try that with ui.router or ngRoute and instead opted to redesign my application in to a number of smaller application as they did not need to share any context