{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 【Aperson】 的问题《Why are CORS requests failing in Microsoft Edge bu》','https://www.manongdao.com/q-152764.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I'm using jQuery to send cross origin ajax requests and they're working fine in IE11, Chrome and Firefox but they fail in Edge with the following error:
SCRIPT7002: XMLHttpRequest: Network Error 0x80070005, Access is denied.
What's interesting is that I used Fiddler to try to figure out what was going on and when Fiddler is running and capturing requests everything works fine. As soon as I close Fiddler or pause capture it fails again.
The site is running on my local machine (webpack-dev-server) making requests across the local network to a WebAPI service.
My hosts file is set up like this:
127.0.0.1 local.myapp.test
192.168.0.111 api.myapp.test
It shouldn't be a problem in production as the site and API will be hosted in the same place but it's invaluable for development and testing.
Update:
Thanks to Eric Law I now know why it was behaving differently with Fiddler enabled - Edge was switching to Local Intranet zone because of the proxy settings change Fiddler makes and the intranet zone has a lower security level.
I'm going to bump the Local intranet zone security level up to Medium-High to match the Internet zone and then use Fiddler to try to work out why Edge is upset about the CORS request.
In about:flags inside of Edge make sure that "Allow localhost loopback (this might put your device at risk) " is checked.
I came across this question, and after trying several options, what worked for me was removing the domain I am working from all the Zone site entries. Using local.myapp.test as an example, I checked for any "anysubdomain".myapp.test, entries and removed them from all zones, including all sub domains or wild card entries.
In Internet Options (IE 11) , select security tab, and in "Local intranet" click "sites" then "Advanced" and removed relevant domain references in there.
In "Trusted sites" click "sites" and removed relevant entries from the list in there
I'll include below, verbatim, the answers that Eric Lawrence (creator of Fiddler) kindly provided on the Fiddler forum:
I added local.myapp.test (the URL I'm running my SPA from) to the Local Intranet zone in Internet Options and now Edge is happy without the need for Fiddler.