40

Chrome allows us to disable the same origin policy, so we can test cross origin requests. I would like to know if there any possibility to do the same thing in IE

sideshowbarker
  • 81,827
  • 26
  • 193
  • 197
alex.mironov
  • 2,834
  • 6
  • 27
  • 41

3 Answers3

77

Yes you can set this in Internet Options: Go to the Security tab. For the current zone click the "Custom level..." button. In the next window, scroll about a third of the way down to "Miscellaneous > Access data sources across domains" and set it to "Enable". If the current zone is Internet, then you should add the site to the trusted and set this option for the trusted zone instead.

Note that this will effectively disable CORS and will not set the Origin header in the request.

If the resource your accessing requires authentication, you'll need to deal with this manually in the request or pre-authenticate yourself in your current browser session.

IE9 Access data sources across domains

tanguy_k
  • 11,307
  • 6
  • 54
  • 58
ianbeks
  • 2,198
  • 1
  • 23
  • 26
  • 3
    This did not work for me in IE 10... I still cannot access anything from the other page in an iframe or popup. – DFTR Feb 07 '14 at 20:27
  • 2
    You also may need to allow 3rd party cookies to allow session support like so: Internet Options -> Privacy -> Advanced -> Third Party Cookies -> Accept. Check "Override automatic cookie handling", "Accept" (Third-party Cookies) and "Always allow session cookies." – lubosdz May 28 '14 at 09:23
  • @DFTR You need to unselect "Enable Protected Mode". It works for me after I did that. – Ng2-Fun Jul 24 '17 at 20:31
6

On my computer I am using internet explorer 11 version I also have the same problem. I have done following steps to solve my problem.

Step 1 : Allow Cross domain Access 

 (Press) Alt -> Tools -> Internet Options -> Security (Tab) -> 
 Custom Level -> Miscellaneous -> Access data sources across domains ->
 Set to Enable

Step 2: Disable Protected mode

 (Press) Alt -> Tools -> Internet Options -> Security (Tab) -> 
 uncheck Enable Protected mode for Internet & Local Intranet

Step 3: Add localhost/domain to trusted site

 (Press) Alt -> Tools -> Internet Options -> Security (Tab) -> 
 Trusted site -> Sites -> Uncheck Require server verification(https:) -> 
 enter localhost url & click on add button.
Dharman
  • 30,962
  • 25
  • 85
  • 135
TheParam
  • 10,113
  • 4
  • 40
  • 51
0

As decribed at https://www.webdavsystem.com/ajax/programming/cross_origin_requests/

In FireFox, Safari, Chrome, Edge and IE 10+:

To enable cross-origin requests in FireFox, Safari, Chrome and IE 10 and later your server must attach the following headers to all responses:

Access-Control-Allow-Origin: http://webdavserver.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
Access-Control-Allow-Headers: Overwrite, Destination, Content-Type, Depth, User-Agent, Translate, Range, Content-Range, Timeout, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control, Location, Lock-Token, If
Access-Control-Expose-Headers: DAV, content-length, Allow

In Internet Explorer 9 and Earlier:

As told at https://stackoverflow.com/a/20947828/5035343

Community
  • 1
  • 1
Esther
  • 68
  • 4