Home

Microsoft Edge Chromium - Headers that contain Access-Control-Allow-Origin are not working

%3CLINGO-SUB%20id%3D%22lingo-sub-711626%22%20slang%3D%22en-US%22%3EMicrosoft%20Edge%20Chromium%20-%20Headers%20that%20contain%20Access-Control-Allow-Origin%20are%20not%20working%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-711626%22%20slang%3D%22en-US%22%3E%3CP%20class%3D%22%22%3EI%20am%20seeing%20the%20following%20type%20of%20error%20in%20the%20browser%20console%20indicating%20that%20valid%20CORS%20requests%20are%20being%20rejected.%20The%20same%20functionality%20is%20working%20in%20the%20original%20Microsoft%20Edge%2C%20Internet%20Explorer%2011%2C%20and%20Google%20Chrome.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAccess%20to%20XMLHttpRequest%20at%20'%3CA%20href%3D%22https%3A%2F%2Fsomeplace.domain.net%2Fopenam%2Fjson%2Fauthenticate%3Frealm%3D%2Fdomain%2Fsystem%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fsomeplace.domain.net%2Fopenam%2Fjson%2Fauthenticate%3Frealm%3D%2Fdomain%2Fsystem%3C%2FA%3E'%20from%20origin%20'%3CA%20href%3D%22https%3A%2F%2Fsomeotherplace.domain.net%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fsomeotherplace.domain.net%3C%2FA%3E'%20has%20been%20blocked%20by%20CORS%20policy%3A%20No%20'Access-Control-Allow-Origin'%20header%20is%20present%20on%20the%20requested%20resource.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIs%20there%20some%20reason%20for%20this%20to%20work%20differently%20in%20Edge%20Chromium%20than%20in%20other%20browsers%3F%20If%20this%20is%20a%20bug%20is%20there%20a%20workaround%3F%20If%20it%20is%20a%20%22feature%22%20how%20to%20we%20code%20our%20requests%20to%20avoid%20it%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%20for%20any%20assistance%20you%20can%20provide...%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-823315%22%20slang%3D%22en-US%22%3ERe%3A%20Microsoft%20Edge%20Chromium%20-%20Headers%20that%20contain%20Access-Control-Allow-Origin%20are%20not%20working%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-823315%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F364002%22%20target%3D%22_blank%22%3E%40ejames429%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EAre%20you%20still%20seeing%20this%20behavior%3F%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EGabriel%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-825399%22%20slang%3D%22en-US%22%3ERe%3A%20Microsoft%20Edge%20Chromium%20-%20Headers%20that%20contain%20Access-Control-Allow-Origin%20are%20not%20working%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-825399%22%20slang%3D%22en-US%22%3ENo%20with%20the%20latest%20version%20that%20I%20have%20(78.0.249.1)%20the%20issue%20no%20longer%20occurs.%3C%2FLINGO-BODY%3E
ejames429
New Contributor

I am seeing the following type of error in the browser console indicating that valid CORS requests are being rejected. The same functionality is working in the original Microsoft Edge, Internet Explorer 11, and Google Chrome.

 

Access to XMLHttpRequest at 'https://someplace.domain.net/openam/json/authenticate?realm=/domain/system' from origin 'https://someotherplace.domain.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

 

Is there some reason for this to work differently in Edge Chromium than in other browsers? If this is a bug is there a workaround? If it is a "feature" how to we code our requests to avoid it?

 

Thanks for any assistance you can provide...

2 Replies

@ejames429 

 

Are you still seeing this behavior?

 

Gabriel

No with the latest version that I have (78.0.249.1) the issue no longer occurs.
Related Conversations
Tabs and Dark Mode
cjc2112 in Discussions on
46 Replies
Extentions Synchronization
Deleted in Discussions on
3 Replies
Stable version of Edge insider browser
HotCakeX in Discussions on
35 Replies
flashing a white screen while open new tab
Deleted in Discussions on
14 Replies
How to Prevent Teams from Auto-Launch
chenrylee in Microsoft Teams on
29 Replies
Security Community Webinars
Valon_Kolica in Security, Privacy & Compliance on
13 Replies