发表新帖
发表新帖

SEC7118: XMLHttpRequest CORS - IE Console message

后端 未结
关注
4 2129
暗喜
暗喜 2021-02-07 02:40

I am using CORS POST request with everything taken care as given @http://www.html5rocks.com/en/tutorials/cors/

Server sets Response header to: \'Access-Control-Allow-Ori

相关标签:
4条回答
  • 梦如初夏
    2021-02-07 02:48

    I encountered SEC7118 when CORS was set up correctly. I verified that the requests were completing with status 200 using the network debugger. So, you can disregard this message if your application is otherwise functioning properly.

    0 讨论(0)
  • 情歌与酒
    2021-02-07 02:58

    I have seen this error in IE11:

    SEC7118: XMLHttpRequest for http:// required Cross Origin Resource Sharing (CORS)

    Adding the following to my .htaccess fixed it:

    <IfModule mod_setenvif.c>
    <IfModule mod_headers.c>
        <FilesMatch "\.(cur|gif|ico|jpe?g|png|svgz?|webp)$">
            SetEnvIf Origin ":" IS_CORS
            Header set Access-Control-Allow-Origin "*" env=IS_CORS
        </FilesMatch>
    </IfModule>
</IfModule>

    Reference: https://developer.mozilla.org/en-US/docs/Web/HTML/CORS_enabled_image

    0 讨论(0)
  • 长情又很酷
    2021-02-07 02:59

    From MSDN:

    Security error codes are in the form SEC7xxx [In IE]

    Pertaining to SEC7118:

    An XMLHttpRequest was made to a domain that was different than your page's domain. This requires the server to return an "Access-Control-Allow-Origin" header in its response headers, but one was not returned.

    Note This error code was removed in IE11 on Windows 10. It remains in IE11 for Windows 8.1 and Windows 7.

    So it is technically viewed as an error from IE's perspective, but certainly isn't one (hence why it is going away). Access-Control-Allow-Origin is set on a resource, but isn't necessarily sent back with the request. If a specified resource DOESN'T have Access-Control-Allow-Origin:* (or a domain), the resource would not be accessible and the server would likely return a 503 or 404 and you would see a true error message in the console similar to the below:

    XMLHttpRequest cannot load http://example.com/. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://blog.example.com' is therefore not allowed access.

    0 讨论(0)
  • 庸人自扰
    2021-02-07 03:07

    I had this same issue. It has to do with Internet Explorer's handing of third party cookies. You can fix this issue by going into Tools>Internet Options then selecting the Privacy tab. If you change the setting to "Accept All Cookies" you will no longer see that message.

    The safer way to do this would be to click on the "Sites" button and allow cookies from your site's url.

    enter image description here

    0 讨论(0)
 看不清?
提交回复
热议问题