SCRIPT5: Access is denied in IE9 on xmlhttprequest

var xhttp=new XMLHttpRequest();'GET', 'foo.xml', false);

F12 pops back: SCRIPT5: Access is denied. on Line 95, which is the line.

My JavaScript seems well-formed, and Firefox does what I think it should.

I've read a lot of questions very similar to this one, so I've checked out the Same Origin Policy, but I can't see how it'd apply considering foo.xml is in the same directory as the html file. I opened up the scripting permissions on my local intranet, and told McAfee to take a five-minute break, just to be sure. I even tried running IE as admin, so this can't really be a permissions issue can it? Why else would IE be denied access to a local file?



This example illustrate how to use AJAX to pull resourcess from any website. it works across browsers. i have tested it on IE8-IE10, safari, chrome, firefox, opera.

if (window.XDomainRequest) xmlhttp = new XDomainRequest();
else if (window.XMLHttpRequest) xmlhttp = new XMLHttpRequest();
else xmlhttp = new ActiveXObject("Microsoft.XMLHTTP");"GET", "", false);

hostipInfo = xmlhttp.responseText.split("\n");
var IP = false;
for (i = 0; hostipInfo.length >= i; i++) {
    if (hostipInfo[i]) {

        ipAddress = hostipInfo[i].split(":");
        if (ipAddress[0] == "IP") {
            IP = ipAddress[1];
return IP;

On IE7, IE8, and IE9 just go to Settings->Internet Options->Security->Custom Level and change security settings under "Miscellaneous" set "Access data sources across domains" to Enable.


This error message (SCRIPT5: Access is denied.) can also be encountered if the target page of a .replace method is not found (I had entered the page name incorrectly). I know because it just happened to me, which is why I went searching for some more information about the meaning of the error message.


Most likely, you need to have the Javascript served over SSL.



I think that the issue is that the file is on your local computer, and IE is denying access because if it let scripts have access to files on the comp that the browser is running on, that would be a HUGE security hole.
If you have access to a server or another comp that you could use as one, maybe you could try putting the files on the that, and then running the scripts as you would from a website.


Probably you are requesting for an external resource, this case IE needs the XDomain object. See the sample code below for how to make ajax request for all browsers with cross domains: = function (url,data,callBack,callBackParameter){
    if (url.indexOf("?")>0){
        data = url.substring(url.indexOf("?")+1)+"&"+ data;
        url = url.substring(0,url.indexOf("?"));
    data += "&randomNumberG=" + Math.random() + (Tork.debug?"&debug=1":"");
    var xmlhttp;
    if (window.XDomainRequest)
        xmlhttp=new XDomainRequest();
        xmlhttp.onload = function(){callBack(xmlhttp.responseText)};
    else if (window.XMLHttpRequest)
        xmlhttp=new XMLHttpRequest();
        xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");
        if (xmlhttp.readyState==4 && xmlhttp.status==200){

I had faced similar issue on IE10. I had a workaround by using the jQuery ajax request to retrieve data:

    url: YOUR_XML_FILE
    aync: false,
    success: function (data) {   
        // Store data into a variable
    dataType: YOUR_DATA_TYPE,
        url: '//',
        type: 'POST',
        dataType: 'jsonp',
        success: function(location) {

This code will work https sites too


Open the Internet Explorer Developer Tool, Tools -> F12 developer tools. (I think you can also press F12 to get it)

Change the Document Mode to Standards. (The page should be automatically refresh, if you change the Document Mode)

Problem should be fixed. Enjoy


Recent Questions

Top Questions

Home Tags Terms of Service Privacy Policy DMCA Contact Us

©2020 All rights reserved.