The Internet Explorer and Edge browsers silently fail to set cookies when a domain is specified and does not include a TLD (e.g. localhost or nexus), this causes requests to Nexus to be detected as forged requests and rejected.
We've attached a patch file which fixes this issue for version 3.15.2-01. It will only work for that version, don't try to apply it to other versions.
To apply this patch, replace the file "nexus-3.15.2-01/system/org/sonatype/nexus/nexus-rapture/3.15.2-01/nexus-rapture-3.15.2-01.jar" with the attached version, and restart Nexus.