Menu
I'm getting this error when trying to load a javascript file from another server when using microsoft edge. I have a feeling it's related to the server being http instead of https, but I'm not sure. It works in IE (after allowing unsecured content), but I can't find an option in Edge to allow unsecured content.
This is the error I'm receiving:
SEC7117: Network request to http://servername/whatever.js did not succeed. This Internet Explorer instance does not have the following capabilities: privateNetworkClientServer
Thanks in advance for your help!
693
Click the wrench icon on the toolbar. Click Options > Under the Hood. In the Privacy section, click Content settings. Scroll to the JavaScript section and click Allow all sites to run JavaScript (recommended).
Microsoft Edge does support JavaScript. If you are using Edge Chromium, access the website, click the lock icon on the upper-left > select site permissions > JavaScript > Allow.
Microsoft EdgeOpen the Control Panel. Click or double-click the Internet Options icon. In the Internet Properties window, click the Security tab. Select the Trusted sites entry and click the Sites button.
It is a fake error message and users are suggested not to contact the number displayed in the error message. If you receive this error message while opening Microsoft Edge or while surfing the internet by using Microsoft Edge, try the fixes described in this article.
Windows 7 users who wish to turn on JavaScript in Microsoft Edge, can do so in just a few easy steps: Start your Microsoft Edge browser. Click on the three-dot icon in the upper right corner of the screen to access the Menu tab. Now, select the “Settings” item on the Menu interface to access the Settings section.
Find the item labeled “Cookies and site permissions” in the left-hand Settings list, and then select it. Under Site Permissions, select the “JavaScript” section. On the JavaScript menu, locate the button beside “Allow (recommended)” and toggle it so that it turns blue. Refresh your Mac Microsoft Edge to apply settings.
It turns out Edge fails to load a private/local secured SSL page (iframe) when in-conjunction of loading a public secured page. Both sites are secured using public SSL certificates to prevent mixed content issues.
Today, modern web browsers like Microsoft Edge have JavaScript enabled by default, allowing users to enjoy consistent interactive experiences on web pages. With JavaScript turned off, Edge users will be unable to view or experience dynamic features on the internet.
It may have something to do with mixing the Internet/Intranet Zones rather than the http/https.
See here: Understanding Enhanced Protected Mode
Private Network resources
Because EPM does not declare the privateNetworkClientServer capability, your Intranet resources are protected from many types of cross-zone attacks (usually called “Cross-Site-Request-Forgery (CSRF)” and “Intranet Port Scanning.”) Internet pages are not able to frame Intranet pages, load images or resources from them, send them CORS XHR requests, etc.
I know that this is an old post, but the info still seems to be relevant since Microsoft MSDN site still references it with regards to IE11 (e.g. here: Enhanced Protected Mode on desktop IE). I also know that IE11 is not Edge, but this info might apply to metro-style apps as well.
[UPDATE]
In my setup Edge failed to load my page in an iframe. When I tried loading the page in a separate Edge tab, it loaded just fine.
It turns out Edge fails to load a private/local secured SSL page (iframe) when in-conjunction of loading a public secured page. Both sites are secured using public SSL certificates to prevent mixed content issues. The issue is that Edge security detects that the iframe site is located on the users local network (private/domain network) and prevents the page from loading in an iframe. Edge reports the following security errors in developer console:
SEC7117: Network request to https://my.company.com/default.html did not succeed. This Internet Explorer instance does not have the following capabilities: privateNetworkClientServer
SEC7111: HTTPS security is compromised by ms-appx-web://microsoft.microsoftedge/assets/errorpages/dnserror.html
To resolve the issue we moved the internal site to a non-local address space (a private network space using a different subnet from the local network) so that Edge detects the site as public network. Alternatively you could move the resources to a true public address.
85
Here are two alternatives to restructuring your network:
E.g. If external.somedomain contains reference to internal.mydomain/whatever.js then add external.somedomain to "Local intranet" zone in "Internet Options".
E.g. If external.somedomain contains reference to internal.mydomain/whatever.js then change external.somedomain hostname to external.mydomain.
Both of these options will essentially allow scripts on the external site to probe for HTTPS services on your internal network to some extent, which I assume is what this security feature is trying to prevent. The first option being the least secure as the second option is limited to probing matching domain names.
During testing, I noticed that Edge seems to get network details from Active Directory when Windows is domain joined. It's likely to prevent externally hosted sites linking to resources hosted anywhere within your AD domain, and not just the current subnet you are connected to. The one exception is if the externally hosted site shares the same base domain name. All this is apparently undocumented, which is why I'm posting this info here.
36
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
