Edge 15 - CORS request fails if target server requires client certificate

Confirmed Issue #12339859 • Assigned to Scott W.

Details

Created
Jun 14, 2017
Privacy
This issue is public.
Found in
  • Microsoft Edge
Found in build #
15.15063
Reports
Reported by 2 people

Sign in to watch or report this issue.

Steps to reproduce

ctionEdge: 40.15063.0.0
EdgeHTML: 15.15063
Windows 10 Creators Edition

I am working at a customer site which requires us to CAC enable all web sites. We are trying to use CORS request from JavaScript to a site that is CAC enabled where we provide certificate that’s present in our CAC as a client certificate.

Solution works in IE 11 with “XMLHttpRequest” as well as “whatwg-fetch” polyfill. It fails in Edge 15 with bare bones “XMLHttpRequest” object as well as “fetch” object .

If client certificate requirement is removed then call succeeds.

To quickly test:

  1. Set up a site that requires client certificate
  2. Test that you can access site with client certificate
  3. Go to http://www.test-cors.org
  4. In “Remote URL” field, type in URL of test site
  5. Check “With Credentials”
  6. Click on “Send Request”
  7. You will see that request fails with 403 error, there is no response body to see if server is returning any details
  8. Remove client certificate requirement from target server
  9. Submit request again from test-cors.org, request will succeed

Same test works with IE 11

Attachments

0 attachments

    Comments and activity

    • Microsoft Edge Team

      Changed Assigned To to “James M.”

      Changed Assigned To to “Venkat K.”

      Changed Assigned To from “Venkat K.” to “Scott W.”

    • I have done some additional testing with an earlier version of Edge and below are the results. As you can see, earlier version worked with Polyfill and XHR. In the Creators edition all 3 don’t work.

      Just as an FYI, to use "whatwg-fetch" polyfill, I am deleting native "fetch" using "delete windows.fetch" before loading polyfill.

      Test results
      Browser VersionNative fetchPolyfillXHR
      14.14393WorkedWorkedWorked
      14.14393 + Client CertTypeMismatchErrorWorkedWorked
      15.15063WorkedWorkedWorked
      15.15063 + Client CertFailed to fetch - 403Network request failed - 403403
    • Microsoft Edge Team

      Changed Status to “Confirmed”

      Changed Steps to Reproduce

    You need to sign in to your Microsoft account to add a comment.

    Sign in