FF (62) and Chrome (69) consider http://127.0.0.1 a potentially trustworthy URL. This behavior is described in Certificates for localhost article, details are provided on w3.org site.
This allows to do XHR requests to http://127.0.0.1 from within HTTPS. For example JS code on a resource https://something-in-my-network.net can do XHR to http://127.0.0.1:8080 if there is a local service running.
But IE (11) prohibits these requests.
It is possible to configure IE to allow XHR to http://127.0.0.1 from within HTTPS?
The following code can be used to reproduce the problem:
var xhr = new XMLHttpRequest();
xhr.open('GET', 'http://127.0.0.1:8080', true);
IE will immediately throw Access denied while other browsers will not.
from Is it possible to configure IE to allow XHR to `http://127.0.0.1 from` HTTPS?
No comments:
Post a Comment