尝试在MS Edge中加载javascript文件时出现SEC7117错误 [英] SEC7117 Error when trying to load a javascript file in MS Edge

问题描述

当使用Microsoft Edge尝试从另一台服务器加载javascript文件时出现此错误.我觉得这与服务器是http而不是https有关，但是我不确定.它在IE中起作用(允许不安全的内容之后)，但是我在Edge中找不到允许不安全的内容的选项.

I'm getting this error when trying to load a javascript file from another server when using microsoft edge. I have a feeling it's related to the server being http instead of https, but I'm not sure. It works in IE (after allowing unsecured content), but I can't find an option in Edge to allow unsecured content.

这是我收到的错误:

SEC7117: Network request to http://servername/whatever.js did not succeed. This Internet Explorer instance does not have the following capabilities: privateNetworkClientServer 

提前感谢您的帮助！

推荐答案

它可能与Internet/Intranet区域而不是http/https的混合有关.

It may have something to do with mixing the Internet/Intranet Zones rather than the http/https.

请参阅此处:了解增强型受保护模式

私人网络资源

由于EPM没有声明privateNetworkClientServer功能，因此可以保护您的Intranet资源免受多种类型的跨区域攻击(通常称为跨站点请求伪造(CSRF)"和"Intranet端口扫描".)Internet页面无法陷害Intranet页面，无法从中加载图像或资源，向其发送CORS XHR请求等.

Because EPM does not declare the privateNetworkClientServer capability, your Intranet resources are protected from many types of cross-zone attacks (usually called "Cross-Site-Request-Forgery (CSRF)" and "Intranet Port Scanning.") Internet pages are not able to frame Intranet pages, load images or resources from them, send them CORS XHR requests, etc.

我知道这是一篇旧文章，但是由于Microsoft MSDN站点仍参考IE11，因此该信息似乎仍然很重要(例如:

I know that this is an old post, but the info still seems to be relevant since Microsoft MSDN site still references it with regards to IE11 (e.g. here: Enhanced Protected Mode on desktop IE). I also know that IE11 is not Edge, but this info might apply to metro-style apps as well.

[更新]

在我的设置中，Edge无法将我的页面加载到iframe中.当我尝试在单独的边缘"选项卡中加载页面时，它的加载就很好了.

In my setup Edge failed to load my page in an iframe. When I tried loading the page in a separate Edge tab, it loaded just fine.

事实证明，在加载公共安全页面时，Edge无法加载私有/本地安全SSL页面(iframe).两个站点均使用公共SSL证书进行保护，以防止出现混合内容问题.问题是，边缘安全性检测到iframe站点位于用户本地网络(专用/域网络)上，并阻止页面加载到iframe中. Edge在开发人员控制台中报告以下安全错误:

It turns out Edge fails to load a private/local secured SSL page (iframe) when in-conjunction of loading a public secured page. Both sites are secured using public SSL certificates to prevent mixed content issues. The issue is that Edge security detects that the iframe site is located on the users local network (private/domain network) and prevents the page from loading in an iframe. Edge reports the following security errors in developer console:

SEC7117: Network request to https://my.company.com/default.html did not succeed. This Internet Explorer instance does not have the following capabilities: privateNetworkClientServer
SEC7111: HTTPS security is compromised by ms-appx-web://microsoft.microsoftedge/assets/errorpages/dnserror.html

为解决此问题，我们将内部站点移到了非本地地址空间(使用与本地网络不同的子网的私有网络空间)中，以便Edge将站点检测为公共网络.或者，您可以将资源移至真正的公共地址.

To resolve the issue we moved the internal site to a non-local address space (a private network space using a different subnet from the local network) so that Edge detects the site as public network. Alternatively you could move the resources to a true public address.

这篇关于尝试在MS Edge中加载javascript文件时出现SEC7117错误的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！