XMLHttpRequest getting blocked by CORS Policy in Edge Browser latest v89.0

Ajithkumar G 1 Reputation point

Hi All,

I have created a sample application hosted in IIS server (local) , which will send a AJAX request from origin "https://xxxx.domain.com" to "https://localhost:15101" for getting some data but it is getting failed with below error on Edge Browser v89.0, the same request is working fine in Chrome browser.

ERROR : Access to XMLHttpRequest at 'https://xx.xxxx.xx' from origin 'https://localhost:15101' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

I've tried adding the CORS headers - CrossDomain: true in the AJAX call as below but it doesn't help either

url: https://localhost:15101,
dataType: 'json',
type: 'GET',
Content-Type: 'application/json',
crossDomain: true,
xhrFields : { withCredentials: true },
}).done( successCallback)

I also tried couple of other ways, it nothing helped. Did anyone facing the same issue on EDGE Browser ?

Note: the issue started occurring after updated to latest version of EDGE.

Can anyone please help me with this?

Microsoft Edge
Microsoft Edge
A Microsoft cross-platform web browser that provides privacy, learning, and accessibility tools.
1,802 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Deepak-MSFT 2,186 Reputation points Microsoft Vendor

    @Ajithkumar G ,
    For testing purposes, I suggest you install the CORS module in IIS and add the Access-Control-Allow-Origin header to web.config file.

    Sample web.config file:

    <?xml version="1.0" encoding="utf-8"?>  
           <add name="Access-Control-Allow-Origin" value="*" />  

    See whether it helps to fix this issue.


    If the response is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

  2. Ajithkumar G 1 Reputation point

    Hi Deepak,

    Thanks for the suggestion.

    Unfortunately, it doesn't work either. Also the response header (Access-Control-Allow-Origin : * ) was present in the response when i try

    the same in Chrome Browser and CORS module were handled by the server application (i.e calling URL- localhost) fine.

    Adding the same header in web.config file resulting in duplicate entry since the server also adding it and site gets unavailable.

    Issue is happening only in Edge Browser and its getting blocked by CORS Policy.