问题描述

我正在使用jQuery发送跨源ajax请求，它们在IE11，Chrome和Firefox中运行正常，但在Edge中失败，并出现以下错误:

I'm using jQuery to send cross origin ajax requests and they're working fine in IE11, Chrome and Firefox but they fail in Edge with the following error:

有趣的是，我使用Fiddler试图弄清发生了什么，以及Fiddler运行和捕获请求时一切正常.一旦我关闭Fiddler或暂停捕获，它就会再次失败.

What's interesting is that I used Fiddler to try to figure out what was going on and when Fiddler is running and capturing requests everything works fine. As soon as I close Fiddler or pause capture it fails again.

该站点正在我的本地计算机(webpack-dev-server)上运行，并通过本地网络向WebAPI服务发出请求.

The site is running on my local machine (webpack-dev-server) making requests across the local network to a WebAPI service.

我的主机文件设置如下:

My hosts file is set up like this:

127.0.0.1   local.myapp.test
192.168.0.111   api.myapp.test

在生产中应该不会有问题，因为站点和API将托管在同一个地方，但是对于开发和测试来说是无价的.

It shouldn't be a problem in production as the site and API will be hosted in the same place but it's invaluable for development and testing.

更新:

感谢Eric Law，我现在知道为什么启用Fiddler时其行为会有所不同-Edge切换到本地Intranet区域是因为Fiddler进行了代理设置更改，并且Intranet区域的安全级别较低.

Thanks to Eric Law I now know why it was behaving differently with Fiddler enabled - Edge was switching to Local Intranet zone because of the proxy settings change Fiddler makes and the intranet zone has a lower security level.

提琴手论坛答案

我将把本地Intranet区域的安全级别提高到中-高，以匹配Internet区域，然后使用Fiddler尝试弄清Edge对CORS请求感到不安的原因.

I'm going to bump the Local intranet zone security level up to Medium-High to match the Internet zone and then use Fiddler to try to work out why Edge is upset about the CORS request.

推荐答案

我将逐字列出Fiddler论坛上的Eric Lawrence(Fiddler的创建者)所提供的答案:

I'll include below, verbatim, the answers that Eric Lawrence (creator of Fiddler) kindly provided on the Fiddler forum:

...如果您将Intranet站点用作Internet区域站点中XHR的目标，则还有另一个因素在起作用.

... there's another factor at work here if you're using an Intranet site as the target of an XHR from a site in the Internet zone.

Edge在增强保护模式(AppContainer)中运行.该功能具有阻止从Internet区域进程访问专用网络资源的功能.请参阅 http://blogs.msdn.com/b/ieinternals/archive/2012/03/23/understanding-ie10-enhanced-protected-mode-network-详情请参阅security-addons-cookies-metro-desktop.aspx .

Edge runs in Enhanced Protected Mode (AppContainer). That has a feature which blocks access to Private Network Resources from Internet-Zone processes. See the "Private Network resources" section of http://blogs.msdn.com/b/ieinternals/archive/2012/03/23/understanding-ie10-enhanced-protected-mode-network-security-addons-cookies-metro-desktop.aspx for more details.

我在Internet选项的本地Intranet"区域中添加了local.myapp.test(运行SPA的URL)，现在Edge不需要Fiddler了.

I added local.myapp.test (the URL I'm running my SPA from) to the Local Intranet zone in Internet Options and now Edge is happy without the need for Fiddler.

这篇关于为什么CORS请求在Microsoft Edge中失败但在其他浏览器中可以工作?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！