3rd party app unable to call our end point in edge version 143.0.3650.66

Hi Tarun,

Thanks for explaining the situation. So, after updating Microsoft Edge to version 143.0.3650.66, you're seeing this The is blocked because it was started by a public page trying to devices or servers on your local network message, right? Lets sort this together.

Lots of teams are seeing this too, especially those using third-party apps that to localhost or private IP addresses. It's a pain when those apps open in a new window and then need to to services only reachable through a VPN.

I see you want a solution that doesn't mess with Edge settings on either developer or user machines. The thing is, there are server-side and integration-level fixes that with Edge's security setup. You won't need to change browser settings or ask for user permissions.

Basically, recent Chromium versions (Chrome 141–142 and Edge 143) are stricter about local and private network access. A page loaded from a public source can't just reach private network targets (like localhost or VPN hosts) without a CORS-style check first. The server has to say it's okay with the request. Edge 143 has this as part of its LNA setup, which is in Microsoft's support and policy docs.

Here's how to fix the calls from the third-party site to your local/VPN ASPX endpoint without changing Edge settings:

Make sure your endpoint passes the PNA check

The ASPX/IIS endpoint needs to respond to OPTIONS requests and include Access-Control-Allow-Private-Network: true along with your regular CORS headers. If you're using the IIS CORS module, heads up—it doesn't send this header. Add it through web.config custom headers or middleware, and make sure it returns 200/204 for OPTIONS.

I hope this helps.

Best Regards,

Noel

Hi Tarun,

Thank you for the update. I hope it helps.

Feel free to reach us anytime.

Best Regards,

Noel