Search code examples
google-chromecorsmicrosoft-edgechromiumprivate-network-access

Request blocked by CORS policy after update to Edge 98.0.1108.43: Request had no target IP address space, yet the resource is in address space private

This problem also happens in Chrome.

Error in console:

Access to XMLHttpRequest at 'http://192.168.x.xxx:xxxx/' from origin 'http://xx.xxxx.com' has been blocked by CORS policy: Request had no target IP address space, yet the resource is in address space private.

My Edge worked fine last month. The problem started to happen after updating Edge.

The flag #block-insecure-private-network-requests is set to disabled.

Does anyone know how to fix this problem without reverting the browser to an old version?

Solution

  • Similar problem solved

    So for edge, just replace the regedit path

    "Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome"

    to

    "Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge"

    Note that changing this setting will effect all urls.

    More secure way is setting another regedit key, which is InsecurePrivateNetworkRequestsAllowedForUrls

    Steps:

    1. open regedit
    2. go to the path "Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge\InsecurePrivateNetworkRequestsAllowedForUrls" (create if it not exists)
    3. add string(REG_SZ), the key should be integers like "1,2,3,...", and the value for each string is the url you want to pass cors policy

    E.g.

    SOFTWARE\Policies\Microsoft\Edge\InsecurePrivateNetworkRequestsAllowedForUrls\1 = "http://www.example.com:8080"
SOFTWARE\Policies\Microsoft\Edge\InsecurePrivateNetworkRequestsAllowedForUrls\2 = "[*.]example.edu"