From e37a2757653ea1ddd859e4ffdbbec2cee6ecc287 Mon Sep 17 00:00:00 2001
From: Harsha Narayana P
Date: Mon, 27 Oct 2025 20:23:05 +0530
Subject: [PATCH 1/7] add API spec: IsEnhancedSecurityModeEnabled
---
 specs/IsEnhancedSecurityModeEnabled.md | 116 +++++++++++++++++++++++++
 1 file changed, 116 insertions(+)
 create mode 100644 specs/IsEnhancedSecurityModeEnabled.md
diff --git a/specs/IsEnhancedSecurityModeEnabled.md b/specs/IsEnhancedSecurityModeEnabled.md
new file mode 100644
index 000000000..fac86ed4e
--- /dev/null
+++ b/specs/IsEnhancedSecurityModeEnabled.md
@@ -0,0 +1,116 @@
+IsEnhancedSecurityModeEnabled API
+===
+
+# Background
+
+Enhanced Security Mode (ESM) is a Microsoft Edge security feature that reduces the risk of memory-related vulnerabilities by disabling JavaScript Just-in-Time (JIT) compilation and enabling additional operating system protections.
+
+In WebView2, ESM is off by default to avoid performance impact. Host applications can enable ESM for stricter security when rendering untrusted or sensitive content. While this improves security, it may reduce JavaScript performance.
+
+In Microsoft Edge, ESM offers two states:
+
+- Balanced – Enabled only for unfamiliar sites based on browsing heuristics.
+- Strict – Always enabled for all sites.
+
+Unlike Edge, WebView2 does not support heuristic-based Balanced mode. Only deterministic options are available: Off or Strict.
+
+![image](https://github.com/MicrosoftEdge/WebView2Feedback/assets/82386753/35977716-e46c-4257-82da-906b0c6f833e)
+
+Unlike Edge browser, WebView2 does not support heuristic-based “Balanced” state. The Only options are available: Off or Strict.
+
+Currently, ESM can only be configured via the --sdsm-state browser flag([see for more details](https://learn.microsoft.com/en-us/microsoft-edge/webview2/concepts/webview-features-flags?tabs=dotnetcsharp)) at environment creation, applying globally to all profiles.
+This proposal introduces a profile-level API to enable or disable ESM and persist the setting in the user data folder, giving developers fine-grained control without relying on global flags..
+
+## CoreWebView2Profile.IsEnhancedSecurityModeEnabled
+Enables or disables Enhanced Security Mode (ESM) for all WebView2 instances sharing the same profile. The setting is persisted in the user data folder. Default is false.
+
+- true: ESM enabled in Strict state: disables JavaScript JIT and applies additional OS protections.
+- false: ESM state is Off.
+
+Changes apply to future navigations; reload may be required.
Enabling ESM improves security but can reduce JavaScript performance.
+
+# Examples
+
+## IsEnhancedSecurityModeEnabled
+
+Enable Enhanced Security Mode for a profile.
+
+```c#
+void EnableEnhancedSecurityMode()
+{
+ var profile = webView2.CoreWebView2.Profile;
+ profile.IsEnhancedSecurityModeEnabled = true;
+ MessageBox.Show(this, "Enhanced security mode is enabled", "Enhanced Security Mode");
+}
+```
+
+```cpp
+void EnableEnhancedSecurityMode()
+{
+ wil::com_ptr webView2_13;
+ webView2_13 = m_webView.try_query();
+
+ if (webView2_13)
+ {
+ wil::com_ptr profile;
+ CHECK_FAILURE(webView2_13->get_Profile(&profile));
+
+ auto profile12 = profile.try_query();
+ if (profile12)
+ {
+ CHECK_FAILURE(profile12->put_IsEnhancedSecurityModeEnabled(TRUE));
+ MessageBox(
+ nullptr, L"Enhanced security mode is enabled",
+ L"Enhanced Security Mode", MB_OK);
+ }
+ }
+}
+```
+
+# API Details
+
+```c#
+/// Extension of ICoreWebView2Profile to control Enhanced Security Mode (ESM).
+///
+/// ESM reduces the risk of memory-related vulnerabilities by disabling JavaScript
+/// Just-in-Time (JIT) compilation and enabling additional OS protections.
+/// This property applies to all WebView2 instances sharing the same profile and
+/// is persisted in the user data folder.
+///
+/// Default: FALSE. ESM state is Off.
+///
+/// TRUE: Enables ESM in Strict state for all sites.
+/// FALSE: ESM state is Off.
+///
+/// Notes:
+/// - Changes apply to future navigations; reload may be required.
+/// - Enabling ESM improves security but may reduce JavaScript performance.
+///
+/// See: https://learn.microsoft.com/en-us/DeployEdge/microsoft-edge-security-browse-safer
+///
+///
+[uuid(d5b781db-0a75-5f9c-85b1-40fa814fcea7), object, pointer_default(unique)]
+interface ICoreWebView2Profile12 : IUnknown {
+ /// Gets whether Enhanced Security Mode is enabled for this profile.
+ [propget] HRESULT IsEnhancedSecurityModeEnabled([out, retval] BOOL* value);
+
+ /// Enables or disables Enhanced Security Mode for this profile.
+ /// See notes above for behavior and performance impact.
+ [propput] HRESULT IsEnhancedSecurityModeEnabled([in] BOOL value);
+}
+```
+
+```c#
+namespace Microsoft.Web.WebView2.Core
+{
+ runtimeclass CoreWebView2Profile
+ {
+ // ...
+ [interface_name("Microsoft.Web.WebView2.Core.ICoreWebView2Profile12")]
+ {
+ // ICoreWebView2Profile12 members
+ Boolean IsEnhancedSecurityModeEnabled { get; set; };
+ }
+ }
+}
+```
From dac498c32e82eb19ca240c0fb8d7160fd3dba2b5 Mon Sep 17 00:00:00 2001
From: Harsha Narayana P
Date: Tue, 28 Oct 2025 09:18:37 +0530
Subject: [PATCH 2/7] spec improvements
---
 specs/IsEnhancedSecurityModeEnabled.md | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)
diff --git a/specs/IsEnhancedSecurityModeEnabled.md b/specs/IsEnhancedSecurityModeEnabled.md
index fac86ed4e..2a0f6126f 100644
--- a/specs/IsEnhancedSecurityModeEnabled.md
+++ b/specs/IsEnhancedSecurityModeEnabled.md
@@ -12,8 +12,6 @@ In Microsoft Edge, ESM offers two states:
 - Balanced – Enabled only for unfamiliar sites based on browsing heuristics.
 - Strict – Always enabled for all sites.
-Unlike Edge, WebView2 does not support heuristic-based Balanced mode. Only deterministic options are available: Off or Strict.
-
 ![image](https://github.com/MicrosoftEdge/WebView2Feedback/assets/82386753/35977716-e46c-4257-82da-906b0c6f833e)
 Unlike Edge browser, WebView2 does not support heuristic-based “Balanced” state. The Only options are available: Off or Strict.
@@ -77,10 +75,10 @@ void EnableEnhancedSecurityMode()
 /// This property applies to all WebView2 instances sharing the same profile and
 /// is persisted in the user data folder.
 ///
-/// Default: FALSE. ESM state is Off.
+/// Default: false. ESM state is Off.
 ///
-/// TRUE: Enables ESM in Strict state for all sites.
-/// FALSE: ESM state is Off.
+/// true: Enables ESM in Strict state for all sites.
+/// false: ESM state is Off.
 ///
 /// Notes:
 /// - Changes apply to future navigations; reload may be required.
From eb5b44413c199b7d89a84b6850908e0c8671b1da Mon Sep 17 00:00:00 2001
From: Harsha Narayana P
Date: Thu, 30 Oct 2025 14:42:06 +0530
Subject: [PATCH 3/7] address comments
---
 specs/IsEnhancedSecurityModeEnabled.md | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/specs/IsEnhancedSecurityModeEnabled.md b/specs/IsEnhancedSecurityModeEnabled.md
index 2a0f6126f..6450ae2df 100644
--- a/specs/IsEnhancedSecurityModeEnabled.md
+++ b/specs/IsEnhancedSecurityModeEnabled.md
@@ -9,18 +9,19 @@ In WebView2, ESM is off by default to avoid performance impact. Host application
 In Microsoft Edge, ESM offers two states:
-- Balanced – Enabled only for unfamiliar sites based on browsing heuristics.
+- Balanced – Enabled only for unfamiliar sites based on browser usage patterns.
 - Strict – Always enabled for all sites.
 ![image](https://github.com/MicrosoftEdge/WebView2Feedback/assets/82386753/35977716-e46c-4257-82da-906b0c6f833e)
-Unlike Edge browser, WebView2 does not support heuristic-based “Balanced” state. The Only options are available: Off or Strict.
+Unlike Edge browser, WebView2 does not support heuristic-based “Balanced” state. Only two options are available: Off and Strict.
-Currently, ESM can only be configured via the --sdsm-state browser flag([see for more details](https://learn.microsoft.com/en-us/microsoft-edge/webview2/concepts/webview-features-flags?tabs=dotnetcsharp)) at environment creation, applying globally to all profiles.
-This proposal introduces a profile-level API to enable or disable ESM and persist the setting in the user data folder, giving developers fine-grained control without relying on global flags..
+Currently, ESM state can only be configured via the `--sdsm-state` browser flag([see for more details](https://learn.microsoft.com/en-us/microsoft-edge/webview2/concepts/webview-features-flags?tabs=dotnetcsharp)) at environment creation, applying globally to all profiles. There is no flexibility to modify the state at runtime.
+
+This proposal introduces an API to enable or disable ESM and persist the configuration for a WebView2 profile within the user data folder.
 ## CoreWebView2Profile.IsEnhancedSecurityModeEnabled
-Enables or disables Enhanced Security Mode (ESM) for all WebView2 instances sharing the same profile. The setting is persisted in the user data folder. Default is false.
+Enables or disables Enhanced Security Mode (ESM) for all WebView2 instances sharing the same profile.
This property value is persisted for a WebView2 profile in the user data folder. The default value is false.
 - true: ESM enabled in Strict state: disables JavaScript JIT and applies additional OS protections.
 - false: ESM state is Off.
@@ -68,7 +69,7 @@ void EnableEnhancedSecurityMode()
 # API Details
 ```c#
-/// Extension of ICoreWebView2Profile to control Enhanced Security Mode (ESM).
+/// Extension of ICoreWebView2Profile to control Enhanced Security Mode (ESM) state.
 ///
 /// ESM reduces the risk of memory-related vulnerabilities by disabling JavaScript
 /// Just-in-Time (JIT) compilation and enabling additional OS protections.
From 711b3177733ebf4a7053b841c7054f5d9c013481 Mon Sep 17 00:00:00 2001
From: Harsha Narayana P
Date: Fri, 31 Oct 2025 09:45:16 +0530
Subject: [PATCH 4/7] use level instead of state
---
 specs/IsEnhancedSecurityModeEnabled.md | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)
diff --git a/specs/IsEnhancedSecurityModeEnabled.md b/specs/IsEnhancedSecurityModeEnabled.md
index 6450ae2df..b6dd18916 100644
--- a/specs/IsEnhancedSecurityModeEnabled.md
+++ b/specs/IsEnhancedSecurityModeEnabled.md
@@ -7,24 +7,24 @@ Enhanced Security Mode (ESM) is a Microsoft Edge security feature that reduces t
 In WebView2, ESM is off by default to avoid performance impact. Host applications can enable ESM for stricter security when rendering untrusted or sensitive content. While this improves security, it may reduce JavaScript performance.
-In Microsoft Edge, ESM offers two states:
+In Microsoft Edge, ESM offers two levels:
 - Balanced – Enabled only for unfamiliar sites based on browser usage patterns.
 - Strict – Always enabled for all sites.
 ![image](https://github.com/MicrosoftEdge/WebView2Feedback/assets/82386753/35977716-e46c-4257-82da-906b0c6f833e)
-Unlike Edge browser, WebView2 does not support heuristic-based “Balanced” state. Only two options are available: Off and Strict.
+Unlike Edge browser, WebView2 does not support heuristic-based "Balanced" level. Only two options are available: Off and Strict.
-Currently, ESM state can only be configured via the `--sdsm-state` browser flag([see for more details](https://learn.microsoft.com/en-us/microsoft-edge/webview2/concepts/webview-features-flags?tabs=dotnetcsharp)) at environment creation, applying globally to all profiles. There is no flexibility to modify the state at runtime.
+Currently, ESM level can only be configured via the `--sdsm-state` browser flag([see for more details](https://learn.microsoft.com/en-us/microsoft-edge/webview2/concepts/webview-features-flags?tabs=dotnetcsharp)) at environment creation, applying globally to all profiles. There is no flexibility to modify the level at runtime.
 This proposal introduces an API to enable or disable ESM and persist the configuration for a WebView2 profile within the user data folder.
 ## CoreWebView2Profile.IsEnhancedSecurityModeEnabled
 Enables or disables Enhanced Security Mode (ESM) for all WebView2 instances sharing the same profile. This property value is persisted for a WebView2 profile in the user data folder. The default value is false.
-- true: ESM enabled in Strict state: disables JavaScript JIT and applies additional OS protections.
-- false: ESM state is Off.
+- true: ESM enabled in Strict level: disables JavaScript JIT and applies additional OS protections.
+- false: ESM level is Off.
 Changes apply to future navigations; reload may be required. Enabling ESM improves security but can reduce JavaScript performance.
@@ -69,17 +69,17 @@ void EnableEnhancedSecurityMode()
 # API Details
 ```c#
-/// Extension of ICoreWebView2Profile to control Enhanced Security Mode (ESM) state.
+/// Extension of ICoreWebView2Profile to control Enhanced Security Mode (ESM) level.
 ///
 /// ESM reduces the risk of memory-related vulnerabilities by disabling JavaScript
 /// Just-in-Time (JIT) compilation and enabling additional OS protections.
 /// This property applies to all WebView2 instances sharing the same profile and
 /// is persisted in the user data folder.
 ///
-/// Default: false. ESM state is Off.
+/// Default: false. ESM level is Off.
 ///
-/// true: Enables ESM in Strict state for all sites.
-/// false: ESM state is Off.
+/// true: Enables ESM in Strict level for all sites.
+/// false: ESM level is Off.
 ///
 /// Notes:
 /// - Changes apply to future navigations; reload may be required.
From 7f7c4353b120a14a8226e52cef51c6c23a4f0609 Mon Sep 17 00:00:00 2001
From: Harsha Narayana P
Date: Fri, 31 Oct 2025 13:40:05 +0530
Subject: [PATCH 5/7] rename property name
---
 specs/EnhancedSecurityMode.md | 115 ++++++++++++++++++++++++++++
 1 file changed, 115 insertions(+)
 create mode 100644 specs/EnhancedSecurityMode.md
diff --git a/specs/EnhancedSecurityMode.md b/specs/EnhancedSecurityMode.md
new file mode 100644
index 000000000..a2e439e18
--- /dev/null
+++ b/specs/EnhancedSecurityMode.md
@@ -0,0 +1,115 @@
+EnhancedSecurityMode
+===
+
+# Background
+
+Enhanced Security Mode (ESM) is a Microsoft Edge security feature that reduces the risk of memory-related vulnerabilities by disabling JavaScript Just-in-Time (JIT) compilation and enabling additional operating system protections.
+
+In WebView2, ESM is off by default to avoid performance impact. Host applications can enable ESM for stricter security when rendering untrusted or sensitive content. While this improves security, it may reduce JavaScript performance.
+
+In Microsoft Edge, ESM offers two levels:
+
+- Balanced – Enabled only for unfamiliar sites based on browser usage patterns.
+- Strict – Always enabled for all sites.
+
+![image](https://github.com/MicrosoftEdge/WebView2Feedback/assets/82386753/35977716-e46c-4257-82da-906b0c6f833e)
+
+Unlike Edge browser, WebView2 does not support heuristic-based "Balanced" level. Only two options are available: Off and Strict.
+
+Currently, ESM level can only be configured via the `--sdsm-state` browser flag([see for more details](https://learn.microsoft.com/en-us/microsoft-edge/webview2/concepts/webview-features-flags?tabs=dotnetcsharp)) at environment creation, applying globally to all profiles. There is no flexibility to modify the level at runtime.
+
+This proposal introduces an API to enable or disable ESM and persist the configuration for a WebView2 profile within the user data folder.
+
+## CoreWebView2Profile.EnhancedSecurityMode
+Enables or disables Enhanced Security Mode (ESM) for all WebView2 instances sharing the same profile. This property value is persisted for a WebView2 profile in the user data folder. The default value is false.
+
+- true: ESM enabled in Strict level: disables JavaScript JIT and applies additional OS protections.
+- false: ESM level is Off.
+
+Changes apply to future navigations; reload may be required. Enabling ESM improves security but can reduce JavaScript performance.
+
+# Examples
+
+## EnhancedSecurityMode
+
+Enable Enhanced Security Mode for a profile.
+
+```c#
+void EnableEnhancedSecurityMode()
+{
+ var profile = webView2.CoreWebView2.Profile;
+ profile.EnhancedSecurityMode = true;
+ MessageBox.Show(this, "Enhanced security mode is enabled", "Enhanced Security Mode");
+}
+```
+
+```cpp
+void EnableEnhancedSecurityMode()
+{
+ wil::com_ptr webView2_13;
+ webView2_13 = m_webView.try_query();
+
+ if (webView2_13)
+ {
+ wil::com_ptr profile;
+ CHECK_FAILURE(webView2_13->get_Profile(&profile));
+
+ auto profile12 = profile.try_query();
+ if (profile12)
+ {
+ CHECK_FAILURE(profile12->put_EnhancedSecurityMode(TRUE));
+ MessageBox(
+ nullptr, L"Enhanced security mode is enabled",
+ L"Enhanced Security Mode", MB_OK);
+ }
+ }
+}
+```
+
+# API Details
+
+```c#
+/// Extension of ICoreWebView2Profile to control Enhanced Security Mode (ESM) level.
+///
+/// ESM reduces the risk of memory-related vulnerabilities by disabling JavaScript
+/// Just-in-Time (JIT) compilation and enabling additional OS protections.
+/// This property applies to all WebView2 instances sharing the same profile and
+/// is persisted in the user data folder.
+///
+/// Default: false. ESM level is Off.
+///
+/// true: Enables ESM in Strict level for all sites.
+/// false: ESM level is Off.
+///
+/// Notes:
+/// - Changes apply to future navigations; reload may be required.
+/// - Enabling ESM improves security but may reduce JavaScript performance.
+///
+/// See: https://learn.microsoft.com/en-us/DeployEdge/microsoft-edge-security-browse-safer
+///
+///
+[uuid(d5b781db-0a75-5f9c-85b1-40fa814fcea7), object, pointer_default(unique)]
+interface ICoreWebView2Profile12 : IUnknown {
+ /// Gets whether Enhanced Security Mode is enabled for this profile.
+ [propget] HRESULT EnhancedSecurityMode([out, retval] BOOL* value);
+
+ /// Enables or disables Enhanced Security Mode for this profile.
+ /// See notes above for behavior and performance impact.
+ [propput] HRESULT EnhancedSecurityMode([in] BOOL value);
+}
+```
+
+```c#
+namespace Microsoft.Web.WebView2.Core
+{
+ runtimeclass CoreWebView2Profile
+ {
+ // ...
+ [interface_name("Microsoft.Web.WebView2.Core.ICoreWebView2Profile12")]
+ {
+ // ICoreWebView2Profile12 members
+ Boolean EnhancedSecurityMode { get; set; };
+ }
+ }
+}
+```
From 4fd61f1672af09ea07d67a1aba0b8c4bfa73cda2 Mon Sep 17 00:00:00 2001
From: Harsha Narayana P
Date: Fri, 31 Oct 2025 13:42:16 +0530
Subject: [PATCH 6/7] delete IsEnhancedSecurityModeEnabled.md
---
 specs/IsEnhancedSecurityModeEnabled.md | 115 ------------------------
 1 file changed, 115 deletions(-)
 delete mode 100644 specs/IsEnhancedSecurityModeEnabled.md
diff --git a/specs/IsEnhancedSecurityModeEnabled.md b/specs/IsEnhancedSecurityModeEnabled.md
deleted file mode 100644
index b6dd18916..000000000
--- a/specs/IsEnhancedSecurityModeEnabled.md
+++ /dev/null
@@ -1,115 +0,0 @@
-IsEnhancedSecurityModeEnabled API
-===
-
-# Background
-
-Enhanced Security Mode (ESM) is a Microsoft Edge security feature that reduces the risk of memory-related vulnerabilities by disabling JavaScript Just-in-Time (JIT) compilation and enabling additional operating system protections.
-
-In WebView2, ESM is off by default to avoid performance impact. Host applications can enable ESM for stricter security when rendering untrusted or sensitive content. While this improves security, it may reduce JavaScript performance.
-
-In Microsoft Edge, ESM offers two levels:
-
-- Balanced – Enabled only for unfamiliar sites based on browser usage patterns.
-- Strict – Always enabled for all sites.
-
-![image](https://github.com/MicrosoftEdge/WebView2Feedback/assets/82386753/35977716-e46c-4257-82da-906b0c6f833e)
-
-Unlike Edge browser, WebView2 does not support heuristic-based "Balanced" level. Only two options are available: Off and Strict.
-
-Currently, ESM level can only be configured via the `--sdsm-state` browser flag([see for more details](https://learn.microsoft.com/en-us/microsoft-edge/webview2/concepts/webview-features-flags?tabs=dotnetcsharp)) at environment creation, applying globally to all profiles. There is no flexibility to modify the level at runtime.
-
-This proposal introduces an API to enable or disable ESM and persist the configuration for a WebView2 profile within the user data folder.
-
-## CoreWebView2Profile.IsEnhancedSecurityModeEnabled
-Enables or disables Enhanced Security Mode (ESM) for all WebView2 instances sharing the same profile. This property value is persisted for a WebView2 profile in the user data folder. The default value is false.
-
-- true: ESM enabled in Strict level: disables JavaScript JIT and applies additional OS protections.
-- false: ESM level is Off.
-
-Changes apply to future navigations; reload may be required. Enabling ESM improves security but can reduce JavaScript performance.
-
-# Examples
-
-## IsEnhancedSecurityModeEnabled
-
-Enable Enhanced Security Mode for a profile.
-
-```c#
-void EnableEnhancedSecurityMode()
-{
- var profile = webView2.CoreWebView2.Profile;
- profile.IsEnhancedSecurityModeEnabled = true;
- MessageBox.Show(this, "Enhanced security mode is enabled", "Enhanced Security Mode");
-}
-```
-
-```cpp
-void EnableEnhancedSecurityMode()
-{
- wil::com_ptr webView2_13;
- webView2_13 = m_webView.try_query();
-
- if (webView2_13)
- {
- wil::com_ptr profile;
- CHECK_FAILURE(webView2_13->get_Profile(&profile));
-
- auto profile12 = profile.try_query();
- if (profile12)
- {
- CHECK_FAILURE(profile12->put_IsEnhancedSecurityModeEnabled(TRUE));
- MessageBox(
- nullptr, L"Enhanced security mode is enabled",
- L"Enhanced Security Mode", MB_OK);
- }
- }
-}
-```
-
-# API Details
-
-```c#
-/// Extension of ICoreWebView2Profile to control Enhanced Security Mode (ESM) level.
-///
-/// ESM reduces the risk of memory-related vulnerabilities by disabling JavaScript
-/// Just-in-Time (JIT) compilation and enabling additional OS protections.
-/// This property applies to all WebView2 instances sharing the same profile and
-/// is persisted in the user data folder.
-///
-/// Default: false. ESM level is Off.
-///
-/// true: Enables ESM in Strict level for all sites.
-/// false: ESM level is Off.
-///
-/// Notes:
-/// - Changes apply to future navigations; reload may be required.
-/// - Enabling ESM improves security but may reduce JavaScript performance.
-///
-/// See: https://learn.microsoft.com/en-us/DeployEdge/microsoft-edge-security-browse-safer
-///
-///
-[uuid(d5b781db-0a75-5f9c-85b1-40fa814fcea7), object, pointer_default(unique)]
-interface ICoreWebView2Profile12 : IUnknown {
- /// Gets whether Enhanced Security Mode is enabled for this profile.
- [propget] HRESULT IsEnhancedSecurityModeEnabled([out, retval] BOOL* value);
-
- /// Enables or disables Enhanced Security Mode for this profile.
- /// See notes above for behavior and performance impact.
- [propput] HRESULT IsEnhancedSecurityModeEnabled([in] BOOL value);
-}
-```
-
-```c#
-namespace Microsoft.Web.WebView2.Core
-{
- runtimeclass CoreWebView2Profile
- {
- // ...
- [interface_name("Microsoft.Web.WebView2.Core.ICoreWebView2Profile12")]
- {
- // ICoreWebView2Profile12 members
- Boolean IsEnhancedSecurityModeEnabled { get; set; };
- }
- }
-}
-```
From 752b04c3edea5a6ead5711a3d7dd2144fed56810 Mon Sep 17 00:00:00 2001
From: Harsha Narayana P
Date: Sat, 1 Nov 2025 08:22:10 +0530
Subject: [PATCH 7/7] rename property name and doc improvements
---
 ...de.md => IsEnhancedSecurityModeEnabled.md} | 57 ++++++++++++------
 1 file changed, 36 insertions(+), 21 deletions(-)
 rename specs/{EnhancedSecurityMode.md => IsEnhancedSecurityModeEnabled.md} (52%)
diff --git a/specs/EnhancedSecurityMode.md b/specs/IsEnhancedSecurityModeEnabled.md
similarity index 52%
rename from specs/EnhancedSecurityMode.md
rename to specs/IsEnhancedSecurityModeEnabled.md
index a2e439e18..051c49266 100644
--- a/specs/EnhancedSecurityMode.md
+++ b/specs/IsEnhancedSecurityModeEnabled.md
@@ -1,36 +1,46 @@
-EnhancedSecurityMode
+IsEnhancedSecurityModeEnabled
 ===
 # Background
-Enhanced Security Mode (ESM) is a Microsoft Edge security feature that reduces the risk of memory-related vulnerabilities by disabling JavaScript Just-in-Time (JIT) compilation and enabling additional operating system protections.
+Enhanced Security Mode (ESM) is a Microsoft Edge security feature that reduces
+the risk of memory-related vulnerabilities by disabling JavaScript Just-in-Time
+(JIT) compilation and enabling additional operating system protections.
-In WebView2, ESM is off by default to avoid performance impact. Host applications can enable ESM for stricter security when rendering untrusted or sensitive content. While this improves security, it may reduce JavaScript performance.
+In WebView2, ESM is off by default to avoid performance impact. You can enable
+ESM for stricter security when rendering untrusted sites. While this improves
+security, it may reduce JavaScript performance.
 In Microsoft Edge, ESM offers two levels:
-- Balanced – Enabled only for unfamiliar sites based on browser usage patterns.
-- Strict – Always enabled for all sites.
+- Balanced – Enhanced security is used for unfamiliar sites based on browser usage patterns.
+- Strict – Enhanced security is used for all sites.
 ![image](https://github.com/MicrosoftEdge/WebView2Feedback/assets/82386753/35977716-e46c-4257-82da-906b0c6f833e)
-Unlike Edge browser, WebView2 does not support heuristic-based "Balanced" level. Only two options are available: Off and Strict.
+Unlike Microsoft Edge, WebView2 does not support the heuristic-based "Balanced"
+level; only Off and Strict are available.
-Currently, ESM level can only be configured via the `--sdsm-state` browser flag([see for more details](https://learn.microsoft.com/en-us/microsoft-edge/webview2/concepts/webview-features-flags?tabs=dotnetcsharp)) at environment creation, applying globally to all profiles.
There is no flexibility to modify the level at runtime.
+Today, the ESM level in WebView2 can be set only at environment creation by using
+the `--sdsm-state` browser feature flag ([webview2 browser flag docs](https://learn.microsoft.com/en-us/microsoft-edge/webview2/concepts/webview-features-flags?tabs=dotnetcsharp)).
+The setting applies globally to all profiles and cannot be changed at runtime.
-This proposal introduces an API to enable or disable ESM and persist the configuration for a WebView2 profile within the user data folder.
+This proposal introduces an API to enable or disable ESM and persist the configuration
+for a WebView2 profile within the user data folder.
-## CoreWebView2Profile.EnhancedSecurityMode
-Enables or disables Enhanced Security Mode (ESM) for all WebView2 instances sharing the same profile. This property value is persisted for a WebView2 profile in the user data folder. The default value is false.
+## CoreWebView2Profile.IsEnhancedSecurityModeEnabled
+Enables or disables Enhanced Security Mode (ESM) for all WebView2 instances
+sharing the same profile. This property value is persisted for a WebView2
+profile in the user data folder. The default value is false.
-- true: ESM enabled in Strict level: disables JavaScript JIT and applies additional OS protections.
+- true: ESM enabled in Strict level: Enhanced security is used for all sites.
 - false: ESM level is Off.
-Changes apply to future navigations; reload may be required. Enabling ESM improves security but can reduce JavaScript performance.
+> Changes apply to future navigations; reload may be required.
 # Examples
-## EnhancedSecurityMode
+## IsEnhancedSecurityModeEnabled
 Enable Enhanced Security Mode for a profile.
@@ -38,8 +48,13 @@ Enable Enhanced Security Mode for a profile.
 void EnableEnhancedSecurityMode()
 {
 var profile = webView2.CoreWebView2.Profile;
- profile.EnhancedSecurityMode = true;
- MessageBox.Show(this, "Enhanced security mode is enabled", "Enhanced Security Mode");
+ if (!profile.IsEnhancedSecurityModeEnabled)
+ {
+ profile.IsEnhancedSecurityModeEnabled = true;
+ MessageBox.Show(this,
+ "Enhanced Security Mode (Strict) enabled for this profile. Reload pages to apply.",
+ "Enhanced Security Mode");
+ }
 }
 ```
@@ -57,9 +72,9 @@ void EnableEnhancedSecurityMode()
 auto profile12 = profile.try_query();
 if (profile12)
 {
- CHECK_FAILURE(profile12->put_EnhancedSecurityMode(TRUE));
- MessageBox(
- nullptr, L"Enhanced security mode is enabled",
+ CHECK_FAILURE(profile12->put_IsEnhancedSecurityModeEnabled(TRUE));
+ MessageBox(nullptr,
+ L"Enhanced Security Mode (Strict) enabled. Reload pages to apply.",
+ L"Enhanced Security Mode", MB_OK);
 }
 }
@@ -91,11 +106,11 @@ void EnableEnhancedSecurityMode()
 [uuid(d5b781db-0a75-5f9c-85b1-40fa814fcea7), object, pointer_default(unique)]
 interface ICoreWebView2Profile12 : IUnknown {
 /// Gets whether Enhanced Security Mode is enabled for this profile.
- [propget] HRESULT EnhancedSecurityMode([out, retval] BOOL* value);
+ [propget] HRESULT IsEnhancedSecurityModeEnabled([out, retval] BOOL* value);
 /// Enables or disables Enhanced Security Mode for this profile.
 /// See notes above for behavior and performance impact.
- [propput] HRESULT EnhancedSecurityMode([in] BOOL value);
+ [propput] HRESULT IsEnhancedSecurityModeEnabled([in] BOOL value);
 }
 ```
@@ -108,7 +123,7 @@ namespace Microsoft.Web.WebView2.Core
 [interface_name("Microsoft.Web.WebView2.Core.ICoreWebView2Profile12")]
 {
 // ICoreWebView2Profile12 members
- Boolean EnhancedSecurityMode { get; set; };
+ Boolean IsEnhancedSecurityModeEnabled { get; set; };
 }
 }
 }