Overview
In enterprise environments, configuring IIS to run on non-standard ports is a common practice. However, this can lead to unexpected browser behavior. One such case involves port 87, which works seamlessly in Internet Explorer (IE) and via Curl, but fails in Microsoft Edge and Google Chrome, throwing an ERR_UNSAFE_PORT error.
This blog explores the root cause and resolution strategies for this issue.
Summary
- Environment: Windows Server with Chromium-based Edge or Chrome
- Application: IIS-hosted application on port 87
- Symptoms:
- Works fine in Internet Explorer
- Works via Curl command
- Fails in Edge and Chrome with ERR_UNSAFE_PORT
Root Cause Analysis
Modern browsers like Edge and Chrome are built on the Chromium engine, which includes a security feature that blocks access to certain ports deemed unsafe. These ports are reserved for legacy or sensitive protocols and are listed in Chromium’s port_util.cc file.
Port 87 is among the restricted ports, historically associated with the ttylink protocol
The full list of blocked ports includes:
1, 7, 9, 11, 13, 15, 17, 19, 20, 21, 22, 23, 25, 37, 42, 43, 53, 69, 77, 79, 87, ...
For the complete list, refer to https://superuser.com/questions/188058/which-ports-are-considered-unsafe-by-chrome
Resolution Options
✅ Recommended Solution: Change the Port
- Action: Reconfigure IIS to use a port not listed in the restricted ports array.
- Reason: Chromium browsers will continue to block unsafe ports by design. There is no registry key or browser setting to override this behavior.
🧩 Alternative: Use IE Mode in Edge
- Action: Enable Internet Explorer Mode in Edge using the Enterprise Mode Site List Manager.
- Use Case: If changing the port is not feasible due to legacy dependencies.
Conclusion
The ERR_UNSAFE_PORT error in Edge and Chrome is not a bug but a security feature. While legacy tools like IE and Curl bypass this restriction, modern browsers enforce it strictly. The best path forward is to migrate your IIS service to a safe port or leverage IE Mode for backward compatibility.
References
https://superuser.com/questions/188058/which-ports-are-considered-unsafe-by-chrome
https://www-archive.mozilla.org/projects/netlib/portbanning#portlist