IE 11 Cross Domain Request












-1














EDIT2: Just want to say thanks to everyone that helped me with this in the comments. After looking across a bunch of websites in IE11 and looking at their ajax requests it seems like many peoples requests are being blocked from cors and most code falls back to jsonp so I think we will do the same.



EDIT: This is not a duplicate of the other mentioned question because as I stated below I am not using with credentials therefore it is not trying to send domain cookies with the request and doesn't require a P3P header. I have confirmed this by checking the privacy section in IE and nothing is being blocked.



I do a cross domain request to my endpoint from another website. I have no problems in any browser but IE11. Chome, FF all versions etc work fine. I am not setting any custom headers so there is no preflight request. I also am not using allow credentials so I wouldn't think I need any P3P header but I also tried this with no luck.



I get an info message that says XMLHTTPRequest for https://xxx required Cross Origin Resource Sharing (CORS) in my console



I can see the in the network tab that the HTTP response comes back fine but just that my XMLHTTPRequest function returns a status code of zero and the response body is empty.



My request is to a node js server will headers set as below. I have tired many combinations without luck. In production and working with other browsers I have far less headers.



  res.header('Access-Control-Allow-Origin', '*')

  res.header('Access-Control-Allow-Headers', 'Overwrite, Destination, Content-Type, Depth, User-Agent, Translate, Range, Content-Range, Timeout, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control, Location, Lock-Token, If, Accept, Pragma')

  res.header('Access-Control-Allow-Methods', 'GET, POST')

  res.header('Access-Control-Expose-Headers', 'DAV, content-length, Allow')

  res.header('P3P', `CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"`)





node.js ajax internet-explorer cors xmlhttprequest







share|improve this question
























  • Possible duplicate of CORS request with IE11
    – darklightcode
    Nov 20 at 19:12










  • Please see my edit. This is not a duplicate as I am not using withCredentials.
    – ozzieisaacs
    Nov 20 at 19:28










  • Have you tried res.header('Access-Control-Allow-Origin', 'https://xxx') ?
    – darklightcode
    Nov 20 at 19:32










  • Add OPTIONS to res.header('Access-Control-Allow-Methods', 'GET, POST'), for the preflight, and make sure the OPTIONS request returns a valid status like 200 or 204 No Content and in the response headers you must have 'Location: /requested/url/path' (this should happen by default, but double check it in the developer tools)
    – darklightcode
    Nov 20 at 19:35












  • It doesn't do a preflight request because I'm not setting any custom headers. I did try setting the origin to the exact website origin instead of a wildcard and it didn't seem to make a difference.
    – ozzieisaacs
    Nov 20 at 19:56
















-1














EDIT2: Just want to say thanks to everyone that helped me with this in the comments. After looking across a bunch of websites in IE11 and looking at their ajax requests it seems like many peoples requests are being blocked from cors and most code falls back to jsonp so I think we will do the same.



EDIT: This is not a duplicate of the other mentioned question because as I stated below I am not using with credentials therefore it is not trying to send domain cookies with the request and doesn't require a P3P header. I have confirmed this by checking the privacy section in IE and nothing is being blocked.



I do a cross domain request to my endpoint from another website. I have no problems in any browser but IE11. Chome, FF all versions etc work fine. I am not setting any custom headers so there is no preflight request. I also am not using allow credentials so I wouldn't think I need any P3P header but I also tried this with no luck.



I get an info message that says XMLHTTPRequest for https://xxx required Cross Origin Resource Sharing (CORS) in my console



I can see the in the network tab that the HTTP response comes back fine but just that my XMLHTTPRequest function returns a status code of zero and the response body is empty.



My request is to a node js server will headers set as below. I have tired many combinations without luck. In production and working with other browsers I have far less headers.



  res.header('Access-Control-Allow-Origin', '*')

  res.header('Access-Control-Allow-Headers', 'Overwrite, Destination, Content-Type, Depth, User-Agent, Translate, Range, Content-Range, Timeout, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control, Location, Lock-Token, If, Accept, Pragma')

  res.header('Access-Control-Allow-Methods', 'GET, POST')

  res.header('Access-Control-Expose-Headers', 'DAV, content-length, Allow')

  res.header('P3P', `CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"`)





node.js ajax internet-explorer cors xmlhttprequest







share|improve this question
























  • Possible duplicate of CORS request with IE11
    – darklightcode
    Nov 20 at 19:12










  • Please see my edit. This is not a duplicate as I am not using withCredentials.
    – ozzieisaacs
    Nov 20 at 19:28










  • Have you tried res.header('Access-Control-Allow-Origin', 'https://xxx') ?
    – darklightcode
    Nov 20 at 19:32










  • Add OPTIONS to res.header('Access-Control-Allow-Methods', 'GET, POST'), for the preflight, and make sure the OPTIONS request returns a valid status like 200 or 204 No Content and in the response headers you must have 'Location: /requested/url/path' (this should happen by default, but double check it in the developer tools)
    – darklightcode
    Nov 20 at 19:35












  • It doesn't do a preflight request because I'm not setting any custom headers. I did try setting the origin to the exact website origin instead of a wildcard and it didn't seem to make a difference.
    – ozzieisaacs
    Nov 20 at 19:56














-1












-1








-1







EDIT2: Just want to say thanks to everyone that helped me with this in the comments. After looking across a bunch of websites in IE11 and looking at their ajax requests it seems like many peoples requests are being blocked from cors and most code falls back to jsonp so I think we will do the same.



EDIT: This is not a duplicate of the other mentioned question because as I stated below I am not using with credentials therefore it is not trying to send domain cookies with the request and doesn't require a P3P header. I have confirmed this by checking the privacy section in IE and nothing is being blocked.



I do a cross domain request to my endpoint from another website. I have no problems in any browser but IE11. Chome, FF all versions etc work fine. I am not setting any custom headers so there is no preflight request. I also am not using allow credentials so I wouldn't think I need any P3P header but I also tried this with no luck.



I get an info message that says XMLHTTPRequest for https://xxx required Cross Origin Resource Sharing (CORS) in my console



I can see the in the network tab that the HTTP response comes back fine but just that my XMLHTTPRequest function returns a status code of zero and the response body is empty.



My request is to a node js server will headers set as below. I have tired many combinations without luck. In production and working with other browsers I have far less headers.



  res.header('Access-Control-Allow-Origin', '*')

  res.header('Access-Control-Allow-Headers', 'Overwrite, Destination, Content-Type, Depth, User-Agent, Translate, Range, Content-Range, Timeout, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control, Location, Lock-Token, If, Accept, Pragma')

  res.header('Access-Control-Allow-Methods', 'GET, POST')

  res.header('Access-Control-Expose-Headers', 'DAV, content-length, Allow')

  res.header('P3P', `CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"`)





node.js ajax internet-explorer cors xmlhttprequest







share|improve this question















EDIT2: Just want to say thanks to everyone that helped me with this in the comments. After looking across a bunch of websites in IE11 and looking at their ajax requests it seems like many peoples requests are being blocked from cors and most code falls back to jsonp so I think we will do the same.



EDIT: This is not a duplicate of the other mentioned question because as I stated below I am not using with credentials therefore it is not trying to send domain cookies with the request and doesn't require a P3P header. I have confirmed this by checking the privacy section in IE and nothing is being blocked.



I do a cross domain request to my endpoint from another website. I have no problems in any browser but IE11. Chome, FF all versions etc work fine. I am not setting any custom headers so there is no preflight request. I also am not using allow credentials so I wouldn't think I need any P3P header but I also tried this with no luck.



I get an info message that says XMLHTTPRequest for https://xxx required Cross Origin Resource Sharing (CORS) in my console



I can see the in the network tab that the HTTP response comes back fine but just that my XMLHTTPRequest function returns a status code of zero and the response body is empty.



My request is to a node js server will headers set as below. I have tired many combinations without luck. In production and working with other browsers I have far less headers.



  res.header('Access-Control-Allow-Origin', '*')

  res.header('Access-Control-Allow-Headers', 'Overwrite, Destination, Content-Type, Depth, User-Agent, Translate, Range, Content-Range, Timeout, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control, Location, Lock-Token, If, Accept, Pragma')

  res.header('Access-Control-Allow-Methods', 'GET, POST')

  res.header('Access-Control-Expose-Headers', 'DAV, content-length, Allow')

  res.header('P3P', `CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"`)





node.js ajax internet-explorer cors xmlhttprequest




node.js ajax internet-explorer cors xmlhttprequest






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Nov 29 at 16:22

























asked Nov 20 at 18:40









ozzieisaacs

3811315




3811315












  • Possible duplicate of CORS request with IE11
    – darklightcode
    Nov 20 at 19:12










  • Please see my edit. This is not a duplicate as I am not using withCredentials.
    – ozzieisaacs
    Nov 20 at 19:28










  • Have you tried res.header('Access-Control-Allow-Origin', 'https://xxx') ?
    – darklightcode
    Nov 20 at 19:32










  • Add OPTIONS to res.header('Access-Control-Allow-Methods', 'GET, POST'), for the preflight, and make sure the OPTIONS request returns a valid status like 200 or 204 No Content and in the response headers you must have 'Location: /requested/url/path' (this should happen by default, but double check it in the developer tools)
    – darklightcode
    Nov 20 at 19:35












  • It doesn't do a preflight request because I'm not setting any custom headers. I did try setting the origin to the exact website origin instead of a wildcard and it didn't seem to make a difference.
    – ozzieisaacs
    Nov 20 at 19:56


















  • Possible duplicate of CORS request with IE11
    – darklightcode
    Nov 20 at 19:12










  • Please see my edit. This is not a duplicate as I am not using withCredentials.
    – ozzieisaacs
    Nov 20 at 19:28










  • Have you tried res.header('Access-Control-Allow-Origin', 'https://xxx') ?
    – darklightcode
    Nov 20 at 19:32










  • Add OPTIONS to res.header('Access-Control-Allow-Methods', 'GET, POST'), for the preflight, and make sure the OPTIONS request returns a valid status like 200 or 204 No Content and in the response headers you must have 'Location: /requested/url/path' (this should happen by default, but double check it in the developer tools)
    – darklightcode
    Nov 20 at 19:35












  • It doesn't do a preflight request because I'm not setting any custom headers. I did try setting the origin to the exact website origin instead of a wildcard and it didn't seem to make a difference.
    – ozzieisaacs
    Nov 20 at 19:56
















Possible duplicate of CORS request with IE11
– darklightcode
Nov 20 at 19:12




Possible duplicate of CORS request with IE11
– darklightcode
Nov 20 at 19:12












Please see my edit. This is not a duplicate as I am not using withCredentials.
– ozzieisaacs
Nov 20 at 19:28




Please see my edit. This is not a duplicate as I am not using withCredentials.
– ozzieisaacs
Nov 20 at 19:28












Have you tried res.header('Access-Control-Allow-Origin', 'https://xxx') ?
– darklightcode
Nov 20 at 19:32




Have you tried res.header('Access-Control-Allow-Origin', 'https://xxx') ?
– darklightcode
Nov 20 at 19:32












Add OPTIONS to res.header('Access-Control-Allow-Methods', 'GET, POST'), for the preflight, and make sure the OPTIONS request returns a valid status like 200 or 204 No Content and in the response headers you must have 'Location: /requested/url/path' (this should happen by default, but double check it in the developer tools)
– darklightcode
Nov 20 at 19:35






Add OPTIONS to res.header('Access-Control-Allow-Methods', 'GET, POST'), for the preflight, and make sure the OPTIONS request returns a valid status like 200 or 204 No Content and in the response headers you must have 'Location: /requested/url/path' (this should happen by default, but double check it in the developer tools)
– darklightcode
Nov 20 at 19:35














It doesn't do a preflight request because I'm not setting any custom headers. I did try setting the origin to the exact website origin instead of a wildcard and it didn't seem to make a difference.
– ozzieisaacs
Nov 20 at 19:56




It doesn't do a preflight request because I'm not setting any custom headers. I did try setting the origin to the exact website origin instead of a wildcard and it didn't seem to make a difference.
– ozzieisaacs
Nov 20 at 19:56












1 Answer
1






active

oldest

votes


















-1














Moved to JSONP for IE11. This is what facebook embed code does and many other sites in IE11. Seemes like this is a common issue.






share|improve this answer





















    Your Answer






    StackExchange.ifUsing("editor", function () {
    StackExchange.using("externalEditor", function () {
    StackExchange.using("snippets", function () {
    StackExchange.snippets.init();
    });
    });
    }, "code-snippets");

    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "1"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53399454%2fie-11-cross-domain-request%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    -1














    Moved to JSONP for IE11. This is what facebook embed code does and many other sites in IE11. Seemes like this is a common issue.






    share|improve this answer


























      -1














      Moved to JSONP for IE11. This is what facebook embed code does and many other sites in IE11. Seemes like this is a common issue.






      share|improve this answer
























        -1












        -1








        -1






        Moved to JSONP for IE11. This is what facebook embed code does and many other sites in IE11. Seemes like this is a common issue.






        share|improve this answer












        Moved to JSONP for IE11. This is what facebook embed code does and many other sites in IE11. Seemes like this is a common issue.







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Nov 29 at 16:23









        ozzieisaacs

        3811315




        3811315






























            draft saved

            draft discarded




















































            Thanks for contributing an answer to Stack Overflow!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.





            Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


            Please pay close attention to the following guidance:


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53399454%2fie-11-cross-domain-request%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            -

            Popular posts from this blog

            Wiesbaden

            Image
            Wappen Deutschlandkarte 50.0825 8.24 117 Koordinaten: 50° 5′  N , 8° 14′  O Basisdaten Bundesland: Hessen Regierungsbezirk: Darmstadt Höhe: 117 m ü. NHN Fläche: 203,93 km 2 Einwohner: 278.654 (31. Dez. 2017) [1] Bevölkerungsdichte: 1366 Einwohner je km 2 Postleitzahlen: 65183–65207, 55246, 55252 Vorlage:Infobox Gemeinde in Deutschland/Wartung/PLZ enthält Text Vorwahlen: 0611, 06122, 06127, 06134 Kfz-Kennzeichen: WI Gemeindeschlüssel: 06 4 14 000 LOCODE: DE WIB NUTS: DE714 Stadtgliederung: 26 Ortsbezirke Adresse der Stadtverwaltung: Schlossplatz 6 65183 Wiesbaden Webpräsenz: www.wiesbaden.de Oberbürgermeister: Sven Gerich (SPD) Lage der Landeshauptstadt Wiesbaden in Hessen und im Regierungsbezirk Darmstadt Offizielles Logo der Landeshauptstadt Wiesbaden Flagge der Landeshauptstadt Wiesbaden Wiesbaden is
            Read more

            Marschland

            Image
            Kilometerweite Marsch in den Vier- und Marschlanden am Elbdeich Die Wedeler Marschlandschaft in Schleswig-Holstein Der Hadelner Kanal zur Entwässerung der Marsch Die tief gelegene Marsch und ein Entwässerungskanal Das Schöpfwerk Otterndorf im Land Hadeln zur Entwässerung der Medem verfügte damals bereits über die größte Kreiselpumpe Europas. Das Schöpfwerk in Neuhaus für die Aue und des Neuhaus-Bülkauer Kanals Als Marsch(land) (v. niederdt., altsächs. mersc ) – auch Masch , Mersch oder Schwemmland genannt – bezeichnet man eine nacheiszeitlich entstandene geomorphologische Landform im Gebiet der nordwestdeutschen Küsten und Flüsse sowie vergleichbare Landformen weltweit. Inhaltsverzeichnis 1 Landschaft 2 Entstehung 3 Marschböden 4 Nutzung 5 Marschgebiete in Deutschland 6 Siehe auch 7 Literatur 8 Weblinks 9 Einzelnachweise Landschaft | Marschen sind generell flache Landstriche ohne natürliche Erhebungen. Si
            Read more

            Dieringhausen

            Image
            Dieringhausen Stadt Gummersbach 50.982777777778 7.5316666666667 165 Koordinaten: 50° 58′ 58″  N , 7° 31′ 54″  O Höhe: 165  (160–245)  m Einwohner: 5055  (30. Jun. 2016) Postleitzahl: 51645 Vorwahl: 02261 Lage von Dieringhausen in Gummersbach Im Hohl ca. 1927–1930 Ansicht von Südwesten bei Bünghausen Dieringhausen (im örtlichen Dialekt Dierkesen ) ist ein Ortsteil von Gummersbach im Oberbergischen Kreis, Regierungsbezirk Köln, Nordrhein-Westfalen (Deutschland). Inhaltsverzeichnis 1 Geographie 2 Geschichte 3 Kultur 3.1 Sehenswürdigkeiten 3.2 Regelmäßige Veranstaltungen 4 Infrastruktur und Wirtschaft 4.1 Verkehr 4.1.1 Schienen- und Busverkehr 4.1.2 Straßen 4.2 Öffentliche Einrichtungen 4.2.1 Schulen und Bildungseinrichtungen 4.2.2 Kirchliche Einrichtungen 5 Persönlichkeiten 5.1 In Dieringhausen geboren 5.2 In Dieringhausen gelebt 6 Einzelnachweise 7
            Read more