javascript - CORS with IE11+ Access Denied with SSL to localhost -


Very short version: Has anyone successfully requesting local resources via AJAX, in IE on SEC? I'm not getting the "Access denied" error.

Tall version:

I am using AJAX to get from a web application that runs a local web service. The web service channel is encrypted so that if the remote site is being served on HTTPS, then "unsafe resource" errors appear on a secure page.

Therefore, there is a remote site of some kind in the address bar ... mysite.com is getting information from https: // localhost / .

The web service is setting the right header for CORS and works in Chrome and Firefox. In IE, if I enter a resource in my https: // localhost address bar, then the correct resource is returned and displayed. However, while using AJX (not just the address bar), a security setting in IE is denying entry. This document is in (part):

The only proper solution is to add the requested domain (in this case mysite.com) to trusted sites. It works, but we would not like to interfere with the user ... pointing to the knowledge base article on how to add a trusted site. Perhaps there is a good user experience for the other answers to that question for the reasons below. Are invalid - & gt;

Tap around something else and I found out:

Which was a reply to AJAX requests in IE it seemed promising , But as it turns out, IE11 has now deprecated the XDomainRequest API. This was probably the right thing for Microsoft ... but now the "hack" solution for adding a zero to the progress handler for the XDR object is definitely not an option and a one-time working wrapper is provided blank and zero.

Has anyone either completed:

a) Is there a way to get those requests without the need to modify reliable sites in IE? In other words, an updated version of the alternative solution in the second link?

b) As the "next best" case: is there a way to prompt the user to add a site to his trusted area? "mysite.com wants to add to your trusted zone. Yes / No confirm" and is it really without having to open your basic settings dialog and manually need? For security reasons, XDomainRequest objects of Internet Explorer access () on the intranet zone from Internet zones. I would not be surprised to know that this block was ported in the IE10 + CORS implementation for the XMLHTTPRequest object.

A method that can be help only localhost to 127.0.0.1 as the latter is the Internet Zone is considered as the intranet zone and as a result area-crossing is left.

However, you should know that Internet Explorer 10+ will reach all locales (via any address) everywhere when a site is running in an extended protected mode (EPM) - Currently in "loopback blocking", IE uses EMM for internet sites only when Metro / Impressive browsing mode (not in desktop) but it can change in the future.

No, there is no mechanism to show the zon-configuration UI for javascript or to move the site from one zone to another automatically, however, the fact that you have a local server , This means that you are already running a code on the client, which means that you can update the zone mapping on the client. Note that such changes require that you obtain user permission in advance, so that your installer is treated as malware by Windows Defender and other security products.

So, in summary, using IP address should be in the form of an alternative solution for many, but not all platforms.

Comments

Post a Comment

Popular posts from this blog

Verilog Error: output or inout port "Q" must be connected to a structural net expression -

I get the error every time, I try to compile. I'm not sure why anyone can help is? I'm new to verilog. Module D_FF (clerk, d, reset_n, q); Input D, Clack, reset_en; Output Q; reg Q; lab4_gdl f1 (.lk (~ clk), d (d), .q.m (qm)); lab4_GDL f2 (.Clk (Clk), D (QM), .Q (Q)); Always start at @ (posedge clk, neggeous reset_n) (Reset_n == 0) Q & lt; = 0; Other questions & lt; = D; Edit End: The problem is what we are asking to do: In this section, you apply the memory / registration circuit on the AlterEdie 2 board. will do. The circuit has the following specifications: The present value of swift SW15-0 on the D2 board should be shown in four hexadecimal four sections of HEX3-0. This part of the circuit will be combination logic. To use an active-less asynchronous reset and KEY1 to use KEY0 as the clock input, you must store SW15-0in in a 16-bit register in the value The register should be enabled to have a 16-bit positive edge, which uses the embedded D flip-flo
Read more

jasper reports - How to center align barcode using jasperreports and barcode4j -

I use iReport 5.5.0 . How to align a barcode component to the center The relevant piece of my jrxml is below & Lt; JR: Code 128 xmlns: JR = "http://jasperreports.sourceforge.net/jasperreports/components" xsi: schemaLocation = "http://jasperreports.sourceforge.net/jasperreports/components http: //jasperreports.sourceforge Purge / xsd / components.xsd "textPosition =" bottom "& gt; & Lt; Jr: codeExpression & gt; & Lt; [CDATA [$ F {number}]] & gt; & Lt; / Jr: codeExpression & gt; & Lt; / Jr: Code 128 & gt; & Lt; / componentElement & gt; "Text" itemprop = "text"> Create a style after this, it is called "barcode", like: & lt; Style name = "barcode" fontName = "Helvetica" fONTSIZE = "10" hAlign = "center" valign = "center" /> and set the property of your barcode element to "barcode".
Read more

c# - ASP.NET MVC - Attaching an entity of type 'MODELNAME' failed because another entity of the same type already has the same primary key value -

In brief, the wrapper module is inserted during posting and the status of an entry is changed to 'modified' . Before changing the state, the state is set to 'separate', but calling attachments () causes the same error to be thrown away. I am using EF 6. Model / wrapper class public class avi model {public A is a {get; Set; } Public listing & lt; B & gt; B {received; Set; } Public cc {receipt; Set; }} Administrator edit public functioning (int? id) {if (id == null) {new HttpStatusCodeResult (HttpStatusCode.BadRequest); } If (! Conveyor Access (id.Value)) new HTTPTitus code result (HTTP status code. Forbidden); Var aViewModel = new AViewModel (); aViewModel.A = db.As.Find (id); If (aViewModel.Receipt == zero) {return HttpNotFound (); } aViewModel.b = db.Bs.Where (x => x.aid == id.Value) .Oolist (); AViewModel.Vendor = db.Cs.Where (x => x.cid == aViewModel.a.cID) .FirstOrDefault (); See Return (aViewModel); } [HTPFost] [Valid AntitiferousTeacon
Read more