Internet Explorer 11 cannot connect to local host

If you think everything compatible with Windows 8.0 is also compatible with Windows 8.1, I am afraid you should reconsider. Perhaps if you have been with me so far, you are now aware of this fact. My latest experiments with Windows 8.1 Preview shows that Internet Explorer 11 has problems connecting to local system.
Screenshot - 1. IE11 cannot connect to 127.0.0.1

Symptoms

To be honest, I can’t remember what exactly happened when I decided there is something wrong. Remembering all the wrong things after I spend an hour trying to figure the right thing is very difficult. I installed IIS 8.5 and confirmed the following occurs: One: Internet Explorer 11 (IE11) cannot connect to http://127.0.0.1 while Firefox 23 can. Two: Both IE11 and Firefox can connect to http://localhost. Screenshot - 2. IE11 can connect to localhost Three: IE11 cannot connect to the local computer even when its Internet-facing IP address is used. In my example, it could not connect to http://192.168.1.169. Firefox could. Screenshot - 3. IE11 cannot connect to 192.168.1.169 Four: IE11 cannot connect to a local proxy server while Firefox can. It does not matter whether the proxy server is identified with localhost, 127.0.0.1 or 192.168.1.169. The proxy server that I used in this example is none other than Fiddler, developers’ favorite debugging tool. Screenshot - 4. IE cannot connect to Fiddler on localhost Five: This issue does not occur on Windows 7 with IE11 Preview installed. I could only reproduce it on Windows 8. I did not have access to Windows Server family at the time but the test is done on a pair of freshly installed virtual machines with Windows 7 and Windows 8. Screenshot - 5. IE11 on Windows 7 is okay I tried tweaking Internet Explorer’s enhanced protection settings to work around this issue but it was all in vain. I still think Microsoft, I or both might have missed something there. I strongly believe it should have had some effect.

Cause

This is not a surprise for those who know that the problem could be reproduced on the Metro-style instance of Internet Explorer 10 as well. Metro-style apps are sandboxed, meaning that Windows isolates them from the rest of the system. In doing so, it prevents them from circumventing isolation through network protocols. Indeed, what’s the point of isolation if an app could get the file it wanted through TCP/IP instead of file system API? Microsoft explains about this restrictions in “How to enable loopback and troubleshoot network isolation” on MSDN and introduces a command line tool that enables developers to make certain programs exempt to this isolation. Eric Lawrence, the developer behind Fiddler also explains the same thing with less technical terms in his blog post, “Revisiting Fiddler and Windows 8 Metro-style applications” and provides a graphical tool called EnableLoopback Utility to help better manage these exemptions. A project called Windows 8 Loopback Exemption Manager hosted on Codeplex also provides a similar tool. With either of these three tools, you can make a certain app running on Windows Runtime framework to be exempt from loopback traffic isolation. And now, as for Internet Explorer 11, which is a desktop app (as opposed to a Metro-style app): My experiments show that using either of the three tools, it is possible to break IE11 free from the isolation that prevents it from connecting to local system. This can only mean that IE11, at some level, takes advantage of the same isolation provided by Windows Runtime. What turns this issue into a bug is: Any by-design restriction that applies to http://127.0.0.1/ must also apply to http://localhost/ because they are different names for the same thing.

Impact

I tried Offline Explorer (OE) from MetaProducts, which installs a local web server for its own private use. Internet Explorer can connect to it via http://localhost:800 but cannot do so via http://127.0.0.1:800. Firefox can, and OE’s internal web browser control, which seems to be IE-based, has no trouble accessing the said URL. I wish I could try more apps and a couple of more scenarios (to find more bugs) but time does not allow. After all, I am not Raymond Chen of Microsoft who once made a living out of compatibility testing.

About these ads

Posted on 5 September 2013, in Software Development, Software Review and tagged , , , , , , , , , , , , , , . Bookmark the permalink. 4 Comments.

  1. Yes, it looks like a IE11 bug, but probably will be presented as a “security enhancement”.

    Some more info:

    - 127.0.0.1 does not work even if you add 127.0.0.1 to the list of trusted sites. Why?
    - 127.0.0.1 does work if you disable Protected Mode in the Internet Options.
    - Intranet addresses such as 192.168.1.254 do work.
    - localhost now works from the Metro Internet Explorer in Windows 8.1 too ????

  2. I’ve been experiencing this problem as well. Thanks for explaining the reason behind it. Since discovering it myself, I have also managed to fix it by adding the necessary URLs to the list of “Local intranet” sites in Internet Explorer. In “Internet Options”, under the “Security” tab, select “Local intranet”, and then click the “Sites” button near the top. In the window that opens, click the “Advanced” button, and add websites to this zone, and then they seem to work locally. This might be a simpler option for someone who only needs to access a few URLs locally.

  3. Thanks a lot for new information to get on that IE11 cannot connect to local host. Offcourse this may be security reason.But if I can follow above leonjanzea then offcourse I can find the solution.Any ways thanks for your new inventions.I loved it testing such bugs via internet explorer “internet options”.It is very much essential for my site http://www.mywindowshosting.com/

  1. Pingback: Internet Explorer 11 cannot connect to local host – Redux | Confidential Files!

Leave a comment

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: