-
Notifications
You must be signed in to change notification settings - Fork 62
add API spec: IsEnhancedSecurityModeEnabled #5407
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Open
GittyHarsha
wants to merge
7
commits into
MicrosoftEdge:api-IsEnhancedSecurityModeEnabled
Choose a base branch
from
GittyHarsha:api-IsEnhancedSecurityModeEnabled-draft
base: api-IsEnhancedSecurityModeEnabled
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
Changes from 2 commits
Commits
Show all changes
7 commits
Select commit
Hold shift + click to select a range
e37a275
add API spec: IsEnhancedSecurityModeEnabled
GittyHarsha dac498c
spec improvements
GittyHarsha eb5b444
address comments
GittyHarsha 711b317
use level instead of state
GittyHarsha 7f7c435
rename property name
GittyHarsha 4fd61f1
delete IsEnhancedSecurityModeEnabled.md
GittyHarsha 752b04c
rename property name and doc improvements
GittyHarsha File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,114 @@ | ||
| IsEnhancedSecurityModeEnabled API | ||
| === | ||
|
|
||
| # Background | ||
|
|
||
| Enhanced Security Mode (ESM) is a Microsoft Edge security feature that reduces the risk of memory-related vulnerabilities by disabling JavaScript Just-in-Time (JIT) compilation and enabling additional operating system protections. | ||
|
|
||
| In WebView2, ESM is off by default to avoid performance impact. Host applications can enable ESM for stricter security when rendering untrusted or sensitive content. While this improves security, it may reduce JavaScript performance. | ||
|
|
||
| In Microsoft Edge, ESM offers two states: | ||
|
|
||
| - Balanced – Enabled only for unfamiliar sites based on browsing heuristics. | ||
| - Strict – Always enabled for all sites. | ||
|
|
||
|  | ||
|
|
||
| Unlike Edge browser, WebView2 does not support heuristic-based “Balanced” state. The Only options are available: Off or Strict. | ||
|
|
||
| Currently, ESM can only be configured via the --sdsm-state browser flag([see for more details](https://learn.microsoft.com/en-us/microsoft-edge/webview2/concepts/webview-features-flags?tabs=dotnetcsharp)) at environment creation, applying globally to all profiles. | ||
| This proposal introduces a profile-level API to enable or disable ESM and persist the setting in the user data folder, giving developers fine-grained control without relying on global flags.. | ||
|
|
||
| ## CoreWebView2Profile.IsEnhancedSecurityModeEnabled | ||
| Enables or disables Enhanced Security Mode (ESM) for all WebView2 instances sharing the same profile. The setting is persisted in the user data folder. Default is false. | ||
|
|
||
| - true: ESM enabled in Strict state: disables JavaScript JIT and applies additional OS protections. | ||
| - false: ESM state is Off. | ||
|
|
||
| Changes apply to future navigations; reload may be required. Enabling ESM improves security but can reduce JavaScript performance. | ||
|
|
||
| # Examples | ||
|
|
||
| ## IsEnhancedSecurityModeEnabled | ||
|
|
||
| Enable Enhanced Security Mode for a profile. | ||
|
|
||
| ```c# | ||
| void EnableEnhancedSecurityMode() | ||
| { | ||
| var profile = webView2.CoreWebView2.Profile; | ||
| profile.IsEnhancedSecurityModeEnabled = true; | ||
| MessageBox.Show(this, "Enhanced security mode is enabled", "Enhanced Security Mode"); | ||
| } | ||
| ``` | ||
|
|
||
| ```cpp | ||
| void EnableEnhancedSecurityMode() | ||
| { | ||
| wil::com_ptr<ICoreWebView2_13> webView2_13; | ||
| webView2_13 = m_webView.try_query<ICoreWebView2_13>(); | ||
|
|
||
| if (webView2_13) | ||
| { | ||
| wil::com_ptr<ICoreWebView2Profile> profile; | ||
| CHECK_FAILURE(webView2_13->get_Profile(&profile)); | ||
|
|
||
| auto profile12 = profile.try_query<ICoreWebView2Profile12>(); | ||
| if (profile12) | ||
| { | ||
| CHECK_FAILURE(profile12->put_IsEnhancedSecurityModeEnabled(TRUE)); | ||
| MessageBox( | ||
| nullptr, L"Enhanced security mode is enabled", | ||
| L"Enhanced Security Mode", MB_OK); | ||
| } | ||
| } | ||
| } | ||
| ``` | ||
|
|
||
| # API Details | ||
|
|
||
| ```c# | ||
| /// Extension of ICoreWebView2Profile to control Enhanced Security Mode (ESM). | ||
| /// | ||
| /// ESM reduces the risk of memory-related vulnerabilities by disabling JavaScript | ||
| /// Just-in-Time (JIT) compilation and enabling additional OS protections. | ||
| /// This property applies to all WebView2 instances sharing the same profile and | ||
| /// is persisted in the user data folder. | ||
| /// | ||
| /// Default: false. ESM state is Off. | ||
| /// | ||
| /// true: Enables ESM in Strict state for all sites. | ||
| /// false: ESM state is Off. | ||
| /// | ||
| /// Notes: | ||
| /// - Changes apply to future navigations; reload may be required. | ||
| /// - Enabling ESM improves security but may reduce JavaScript performance. | ||
| /// | ||
| /// See: https://learn.microsoft.com/en-us/DeployEdge/microsoft-edge-security-browse-safer | ||
| /// | ||
| /// | ||
| [uuid(d5b781db-0a75-5f9c-85b1-40fa814fcea7), object, pointer_default(unique)] | ||
| interface ICoreWebView2Profile12 : IUnknown { | ||
| /// Gets whether Enhanced Security Mode is enabled for this profile. | ||
| [propget] HRESULT IsEnhancedSecurityModeEnabled([out, retval] BOOL* value); | ||
|
|
||
| /// Enables or disables Enhanced Security Mode for this profile. | ||
| /// See notes above for behavior and performance impact. | ||
| [propput] HRESULT IsEnhancedSecurityModeEnabled([in] BOOL value); | ||
| } | ||
| ``` | ||
|
|
||
| ```c# | ||
| namespace Microsoft.Web.WebView2.Core | ||
| { | ||
| runtimeclass CoreWebView2Profile | ||
| { | ||
| // ... | ||
| [interface_name("Microsoft.Web.WebView2.Core.ICoreWebView2Profile12")] | ||
| { | ||
| // ICoreWebView2Profile12 members | ||
| Boolean IsEnhancedSecurityModeEnabled { get; set; }; | ||
| } | ||
| } | ||
| } | ||
| ``` | ||
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.