Category Archives: Insider

Auto Added by WPeMatico

Introducing the Storage Access API – Microsoft Edge Blog

Today, we’re excited to announce the “first-look” rollout of the Storage Access API in our Canary and Dev channels. For developers, this API allows them to determine whether their access to browser-based storage is restricted by a user’s privacy settings and to request storage access from users if so. This capability can be used to create graceful fallback experiences in cases when storage access may be restricted by features such as tracking prevention in Microsoft Edge. For users, this API provides greater transparency into and control over the sites that are requesting access to browser-based storage that could be used to track their behaviors across the web. This post outlines what the addition of the Storage Access API means for both developers and users.

Using the Storage Access API is as easy as updating your code to leverage the following new functions:
hasStorageAccess()
Useful to check if access to cookies and other storage exists in the current context.
Returns a promise with a boolean result indicating if storage access exists or not.

requestStorageAccess()
Requires a user gesture to invoke.
Useful to request access to storage for a single third-party context.
Returns a promise that will resolve if access is either available or granted and reject if unsuccessful.

Note: Since we are still gradually rolling out the Storage Access API, it’s possible that you may not have it enabled by default on your device. If you want to test it early, please enable the “Storage Access API” flag in edge://flags.
The usage of these new functions is best demonstrated with an example.
Example:
A social media site, contoso.social, offers sites the ability for developers to embed social media widgets as third-party content on their sites. One site where these widgets appear is www.contoso.example. To offer the ability for contoso.social users to comment on, save, or share contoso.example content with friends, contoso.social’s embedded content needs access to its own storage such as cookies or localStorage in the context of contoso.example in order to associate these actions with a visitor’s account.
Checking for Access:
contoso.social can use document.hasStorageAccess() to see if access to storage already exists and to provide an alternative user experience such as displaying a request to login or request access if not:

Requesting Access:
If no storage access is currently present, contoso.social can request access during a user gesture. As an example, the onclick handler of a login button could be tied to a request for storage access (see the “User Experience” section below) using the document.requestStorageAccess() method.

Sandboxing
The allow-storage-access-by-user-activation token can be used to enable the usage of the API when embedded content is loaded in a sandboxed iframe. In practice, both the allow-scripts and allow-same-origin tokens will also be required as well to ensure the API can be effectively used.

As a developer, we hope you will leverage the Storage Access API to create web-based experiences that will continue to be compatible even as browsers place more restrictions on third-party storage.

With the introduction of the Storage Access API, you may notice an “Allow cookies and site data?” prompt like the one below when you interact with third-party content such as social media widgets or embedded videos while browsing:

This indicates that the site whose embedded content you’re interacting with (contoso.social in the example above) currently has its storage restricted by Microsoft Edge’s privacy settings and is requesting your permission to access its storage within the context of the site you’re visiting (https://www.contoso.example in the example above). While several types of sites require storage access for legitimate scenarios such as making sure you’re signed in when you expect to be, allowing this access can allow the site requesting it track your activity on the site you’re currently visiting.
Clicking “Allow” will temporarily allow the requesting site access to its storage on the site you were visiting when the prompt appeared. This allowance will last for a 30-day period after which it will automatically expire. Clicking “Block” will prevent the requesting site from accessing its storage on the site you were visiting when the prompt appeared. If you change your mind, interacting with the third-party content a second time will cause the prompt to be displayed again, giving you the option to revisit your choice.
To give you control over any storage access requests you’ve allowed before they automatically expire, you’ll notice a new “Cookies and site data you’ve temporarily allowed” section at the bottom of the edge://settings/content/cookies page. Here, you can review and revoke the storage access requests you’ve granted in a single list:

We implemented the Storage Access API upstream so that all Chromium-based browsers could benefit from it. We are also actively participating in standardization discussions that are ongoing in the W3C Privacy Community Group to ensure that the API works uniformly across browsers. If you have any feedback on the functionality or capabilities of the API itself, please feel free to join the standardization discussions by filing an issue on GitHub. If you have any feedback on the Storage Access API as it exists in Microsoft Edge, please send us feedback using in-app feedback tool (Alt + Shift + I).
To close, we’d like to thank our friends at Apple and Mozilla for their early work on the Storage Access API and our friends at Google for helping pave the way for getting the API implemented in Chromium. We’re excited for you to try it out and to hear what you think!
–  Brandon Maslen, Senior Software Engineer–  Scott Low, Senior Program Manager

Introducing an improved spellcheck experience in Microsoft Edge – Microsoft Edge Blog

Beginning with Microsoft Edge 83, we’ve introduced a new spellcheck experience for Windows users, powered by Windows Spellcheck. The feature is supported on Windows 8.1 and above.
Previously, on Windows, Microsoft Edge and other Chromium browsers used open-source proofing tools for spell checking. Moving to Windows Spellcheck has a number of benefits, including support for additional languages and dialects, a shared custom dictionary, and better support for URLs, acronyms, and email addresses.
Based on early feedback from preview users, this represents an overall improvement in the quality of spell checking in Microsoft Edge, as illustrated in the examples below.

Hunspell Spellcheck

Windows Spellcheck

Generic Patterns:

Generic Patterns:

Markdown editor:

Markdown editor:

How to use spellcheck in Microsoft Edge
For most users, no action is required to set up spell checking – it will automatically inherit your preferred language settings from Windows. To configure the languages that will be spellchecked, navigate to the edge://settings/languages page.

Users can install additional languages to spellcheck in Windows Settings by navigating to Time & Language -> Language and selecting Add a preferred language.

If the user has not installed the necessary language pack (or if one is not available), Microsoft Edge will fall back to the prior experience powered by Hunspell.
This feature was developed as a collaboration between Google and Microsoft engineers in the Chromium project, enabling all Chromium-based browsers to benefit from Windows Spellcheck integration. Our thanks go out to Guillaume Jenkins and Rouslan Solomakhin (Google), and Bruce Long, Luis Sanchez Padilla, and Siye Liu (Microsoft) for their collaboration on this feature.
The new spellcheck experience is now available in Microsoft Edge starting with version 83, recently released to the Stable channel. Try it out and let us know what you think!
– Bo Cupp, Principal Software Engineer, Microsoft Edge– Grisha Lyukshin, Program Manager, Microsoft Edge

Introducing the new surf game in Microsoft Edge – Microsoft Edge Blog

Starting with build 83.0.478.37, users can now play a surfing-themed game in the new Microsoft Edge when they’re offline or by navigating to edge://surf. The game, which has been available for Insiders since late February, is now available for everyone to play in the latest Stable channel release. Download the new Microsoft Edge here to get started surfing today!

Inspired by the classic Windows game SkiFree, the surf game challenges players to ride through the water while avoiding islands, fellow surfers, and other obstacles. Watch out for the kraken! Players can also collect hearts to extend their lives and boosts for a burst of speed. Surf as far as possible in an endless ocean, compete for the shortest time, or zig zag through as many gates as you can in a row. With three distinct game modes, players have a variety of ways to pass the time.
To catch the wave, simply navigate to edge://surf in the address bar. If you are not connected to the internet, Microsoft Edge will also provide a handy link to the game to help you pass the time.

An early version of the surf game originally debuted in November as part of a special Easter Egg. Insiders followed a series of cryptic hints and puzzles in the run-up to Microsoft Ignite 2019 which eventually led them to unlock the hidden surf game using Collections. Upon reaching the end of the game, Insiders were treated to the world’s first look at the new icon for Microsoft Edge—two days before the official reveal.
Upon the conclusion of the Easter Egg, the number one request from Insiders was to turn the surfing game into an endless runner as the permanent “offline game” for Microsoft Edge. The team took this feedback to heart and has spent the last few months polishing edge://surf and adding new gameplay features and improvements, including support for accessibility features like high contrast, screen readers, and even the Xbox Adaptive Controller. Here’s a look at what’s included:
Let’s surf: Endless mode
Surf as far as you can while avoiding obstacles and the kraken. You can switch modes via the game settings menu.
Time trial mode
Reach the end of the course as fast as you can! Collect coins to help you achieve an even shorter time. The course is always the same—can you find the shortest possible route? You can switch modes via the game settings menu.
Zig zag mode
Surf through as many gates as you can in a row! Your streak will reset if you miss a gate, but you can keep playing until your lives run out. You can switch modes via the game settings menu.
Play with keyboard, mouse, touch, or gamepad
Play your way with support for keyboard, mouse, touch, and gamepads, including Xbox, PlayStation, Switch Pro, and the Xbox Adaptive Controller. The game also supports gamepad haptic feedback (rumble) for a more immersive experience. Instructions for how to play, including the controls for each input method, can be found in the game’s settings menu.
Personal high scores
Each game mode keeps a record of your high score, and you’ll see a notification every time you set a new record. You can also reset your stats from the game settings menu.

High visibility mode
High visibility mode (accessible via the game settings menu) highlights the hit boxes around objects, making it easier to identify and avoid obstacles in the water.
Reduced speed mode
For users who prefer a more relaxed pace or need extra time to pull off those surfing moves, they can enable the new reduced speed mode (accessible via the game settings menu) to slow down the speed of the game.
And much more!
The final release of edge://surf has many changes based directly on user feedback from the Easter Egg version, including an enhanced user experience, numerous gameplay improvements (such as smarter enemy logic) and bug fixes, and much more. Who knows? There might even be a few secrets just waiting to be found.
Thanks again to our incredible community that made this possible. Happy surfing!
– William Devereux, Senior Program Manager, Microsoft Edge

Using multiple profiles at work and at home is now easier with Microsoft Edge – Microsoft Edge Blog

Our customers tell us that they like to keep their browsing data separate as they take on various roles in their lives. For people at home working from their own devices, this is particularly important.
Microsoft Edge’s “Profiles” feature is a great way to do this, whether you’re switching between work and personal browsing, juggling your job and freelancing business, or managing your tasks as an admin alongside other responsibilities.
In this post, we’ll share some improvements coming to browsing with multiple profiles in Microsoft Edge, and walk you through how to get started with this feature.
Setting up multiple profiles
To get started with multiple profiles, click the profile icon to the right of your address bar and click “Add a profile”. Then, on the consent screen that comes next, just click “Add”. Your profile is now added.
Each profile opens in a new window and gets its own desktop icon. You can pin each desktop icon independently to your Windows taskbar by right clicking on the Microsoft Edge icon.
If you’d like to roam your data across devices, you can sign into each profile with a Microsoft Account or a Work or School Account and choose to sync your data. Since browsing data is separated between profiles, each profile will sync independent of the other.

Switching between profiles
You can switch between profiles any time by clicking on the desktop icon or window associated with a profile. You can also switch using the profile flyout by clicking the profile icon or you can switch from the edge://settings/profiles page.

Getting to the right profile
We’ve heard that two things that users find challenging is getting links to open in the right profile and making sure that you don’t mistakenly open work content in your personal profile. Today, we’re excited to announce two features that we hope will make this easier:
Selecting a default profile (available in Microsoft Edge 81 and higher)
To ensure that links you open from another app open in the profile of your choice, you can now select a default profile in Microsoft Edge. To select a default profile to open external links, do the following:
Navigate to edge://settings
Select the “Multiple profile preferences” option (Note: This will only show if you have multiple profiles.)
Use the drop down menu to select which profile you’d like external links to open with.

Automatic profile switching (available in Microsoft Edge 83 and higher)
We’re also excited to announce a new feature to help you get to your work content more easily while using multiple profiles. We call it Automatic Profile Switching. If you’re a multiple profiles user, you can check it out by trying to navigate to a work site (a site authenticated with your work or school account) while in your personal profile.
When we detect this, we will prompt you to switch to your work profile to access that site without having to authenticate to it. When you choose the work profile you want to switch to, the website will simply open in your work profile.
We hope that this will help you keep your work and personal data separate and help you get to your work content more seamlessly. In case this doesn’t work for your flows, you can choose “Don’t ask me again,” and it will get out of your way.

We are excited to release this improvement for your multiple profile scenarios—give it a try and let us know how you like it! If you run into any issues or have any feedback on using multiple profiles, use the in-app feedback button (or Alt-Shift-I) and we’ll use it to make the experience better for you.
Thank you for helping us build Microsoft Edge be the best browser for you.
– Avi Vaid, Program Manager, Microsoft Edge

Update on Stable channel releases for Microsoft Edge – Microsoft Edge Blog

In light of current global circumstances, the Microsoft Edge team is pausing updates to the Stable channel for Microsoft Edge. This means that Microsoft Edge 81 will not be promoted to Stable until we resume these updates.
We are making this change to be consistent with the Chromium project, which recently announced a similar pause due to adjusted schedules, and out of a desire to minimize additional impact to web developers and organizations that are similarly impacted.
We will continue to deliver security and stability updates to Microsoft Edge 80. Preview channels (Canary, Dev, and Beta) will continue to update on their usual schedule.
As the situation evolves, we will post updates here and on our Twitter channel.

Protecting users from potentially unwanted applications in Microsoft Edge – Microsoft Edge Blog

Our customer feedback tells us that when users search for free versions of software, they often find applications with a poor reputation being installed on the machine at the same time. This pattern indicates that the user has downloaded an application which shows offers (or bundles) for potentially unwanted applications (PUA).
Potentially unwanted applications can make the user less productive, make the user’s machine less performant, and lead to a degraded Windows experience. Examples of PUA include software that creates extra advertisements, applications that mine cryptocurrency, applications that show offers for other software and applications that the AV industry considers having a poor reputation.
In the new Microsoft Edge (beginning with 80.0.338.0), we’ve introduced a new feature to prevent downloads that may contain potentially unwanted apps (PUA), by blocking those apps from downloading. This feature is off by default, but can be turned on in three easy steps:
Tap … (Settings and more) > Settings.
Choose Privacy and services.
Scroll down to Services, and then turn on Block potentially unwanted apps.

Here is what users will see when a download is blocked by the feature (Note: PUA blocking requires Microsoft Defender SmartScreen to be enabled):

To learn more about what Microsoft defines as PUA, see the criteria in our documentation.
If an app has been mislabeled as PUA, users can choose to keep it by tapping … in the bottom bar, choosing Keep, and then choosing Keep anyway in the dialog that appears.

From edge://downloads/, users can also choose Report this app as reputable, which will direct them to our feedback site. There, users can let us know that they think the app is mistakenly marked as PUA.
If you own the site or app in question, you can let us know here. Your feedback will be reviewed by our team to determine an appropriate follow up action.

Our goal is to assist users in getting the apps they want, while empowering them to maintain control over their devices and experiences.
You can learn more about how Microsoft identifies malware, unwanted software, and PUA in our security documentation.
We encourage users to always try to download software from a trusted location, such as the publisher’s website or a reputable app store, and to check reviews of the app and the reputation of the publisher before downloading.
If you are an admin or IT professional and are interested in enabling this feature on for your users, see our enterprise documentation here.
We hope you’ll try out this new feature in the new Microsoft Edge and let us know what you think! Give us your feedback by clicking the feedback link in the upper right corner of your browser or pressing Alt-Shift-I to send feedback.
– Juli Hooper and Michael Johnson, Microsoft Defender ATP

New optimizations boost performance in preview builds of Microsoft Edge – Microsoft Edge Blog

Starting with Microsoft Edge build 81.0.389.0 on 64-bit Windows 10, we’ve enabled new toolchain optimizations that should provide a substantial performance improvement in general browsing workloads.We’ve measured an up to 13% performance improvement in the Speedometer 2.0 benchmark when compared to Microsoft Edge 79. Speedometer measures performance by simulating user interactions in a sample web app across a number of DOM APIs and popular JavaScript frameworks used by top sites, and is generally regarded as a good proxy for real-world performance across a number of different subsystems including the DOM, JavaScript engine, layout, and more.
We’d like your help validating these improvements in your real-world browsing as we approach our next Beta release later this month. You can try out these improvements by comparing performance in the latest Dev or Canary builds to Microsoft Edge 80 or earlier.
The details:
We measured Speedometer 2.0 in ten consecutive runs on Microsoft Edge 79, where the optimizations are not yet implemented.  The results are below.

Microsoft Edgev. 79.0.309.71
1
84.6
2
85.4
3
85.3
4
85.3
5
84.6
6
84.9
7
85.8
8
84.7
9
84.8
10
84.3
Median
84.85
Benchmarked on Windows 10 1909 (OS Build 18363.592) on a Microsoft Surface Pro 5 (Intel(R) i5-8250U CPU 1.60GHz and 8 GB RAM), with no other applications running and no additional browser tabs open.
We then ran Speedometer 2.0 on recent versions of Microsoft Edge 81 which include the new optimizations, with the following results.

Microsoft Edgev. 81.0.410.0
Microsoft Edgev. 81.0.403.1
1
96.3
96.7
2
91.1
95.7
3
91.7
95.2
4
96
95.5
5
97.6
95.5
6
97.4
95.9
7
96.8
96.2
8
94.4
96.2
9
96.4
95.5
10
94.4
95.4
Median
96.15
95.6
Benchmarked on Windows 10 1909 (OS Build 18363.592) on a Microsoft Surface Pro 5 (Intel(R) i5-8250U CPU 1.60GHz and 8 GB RAM), with no other applications running and no additional browser tabs open.
We would love for you to try the new optimizations in Dev or Canary and let us know if you notice these improvements in  your real-world experience. Please join us on the Microsoft Edge Insider forums or Twitter to discuss your experience and let us know what you think! We hope you enjoy the changes and look forward to your feedback!
Update as of 02/20/2020 – Thank you to the Microsoft Edge Insider Community for continuing to test and provide feedback on Microsoft Edge. Your testing and feedback helped us identify a compatibility issue with a third party app that we’re actively working to address. We’ve modified the optimizations to mitigate the issue and expect you’ll see more modest performance improvements in the upcoming Beta Channel build. Please continue hammering on the Canary and Dev builds and sending us feedback!

Bringing the Microsoft Edge DevTools to more languages – Microsoft Edge Blog

We know inclusivity makes us work better and we love when we find ways to put that knowledge into practice. On the Edge team, we believe—and usage and research show—that developer experiences are more productive when they fit our language and location preferences. Today, we’re excited to move in that direction by announcing that the new Microsoft Edge now features DevTools localized in 10 languages (in addition to English):
Chinese (Simplified) – 中文(简体)(简体)
Chinese (Traditional) – 中文(繁體)(繁體)
French – français
German – deutsch
Italian – italiano
Portuguese – português
Korean – 한국어
Japanese – 日本語
Russian – русский
Spanish – español
This adds our new browser tools to a long list of other localized Microsoft developer experiences including VS Code, Azure Portal, and more.
This release is the result of collaboration over many months between our team and the DevTools, Lighthouse, and Chrome teams at Google. We’ve contributed all localizability features upstream (explainer), and plan to continue to do so so that other browsers can benefit from this work.
Try the localized developer tools
Make sure you have “Enable localized Developer Tools” turned on by heading to edge://flags, finding that flag, and setting it to “Enabled” (this is on by default in Canary; on by default soon in Dev, Beta, and Stable channels). Once on, your DevTools will match the language of the browser. On macOS, the developer tools inherit the language from the operating system. You can change the language in the Settings under the “Language and Region” section. Add another language, change it to your primary. Once you restart Microsoft Edge, the developer tools will be in that language.
If you just wanted to try the feature out and wish to revert to English, go to DevTools Settings (F1) > Preferences and click the checkbox to deselect “Match browser language.”

What’s next
For the initial release, we went with the top languages used by web developers within our ecosystem. Next, we’re evaluating popular right-to-left languages like Hebrew and Arabic and working on localizing our documentation. If you’d like those languages or other features in the localization and internationalization space, please let us know. We’re always happy to hear your thoughts.
To get in touch, you can Send Feedback from the Microsoft Edge menu (Alt-Shift-I), or share your thoughts with us on Twitter.
– Erica Draud, Program Manager, Microsoft Edge DevTools

Debug z-index stacking content with 3D View in the Microsoft Edge DevTools – Microsoft Edge Blog

We are thrilled to announce the next iteration of 3D View in the Microsoft Edge DevTools, with a new feature to help debug z-index stacking context. The general 3D View shows a representation of the DOM (Document Object Model) depth using color and stacking, and the z-Index view helps you isolate the different stacking contexts of your page.
3D view is enabled by default in the Canary branch – to enable it in other branches, open the DevTools “Experiments” settings (Ctrl-Shift-P -> “Experiments“) and turn on “Enable 3D View.” If you don’t see that item, navigate to edge://flags and make sure you have enabled “Developer Tools experiments.” Once 3D view is enabled, you can find it under the “More tools” menu (or via search: Ctrl-Shift-P -> “3D View“).

With our first 3D View experiment, we were able to get incredible feedback from Twitter and from the feedback button. This encouraged us to conduct further usability studies to improve the tool. Along the way, we received plenty of requests for CSS z-index debugging as a feature, and felt that the 3D View would be a great vehicle to try it out.
In the z-index tab you can further simplify the view by only showing elements with a stacking context or hiding elements with the same paint order as their parent. These two settings will make for a flatter and more readable experience. Check out our explainer for more details!

What’s next
Coming soon, we’ll have a better highlighting experience between the Elements panel and 3D View, UI improvements, and new camera controls. We’d love to hear what else you’d like to see from this experience! What other features would help you with your day to day debugging? Feel free to reach out to us on Twitter, or just click “Send feedback” in the Microsoft Edge “Help and Feedback” menu at any time.
– Erica Draud, Program Manager, Edge DevTools

Announcing the draft Security Baseline for Microsoft Edge version 79 – Microsoft Edge Blog

We are pleased to announce the draft security baseline for the initial stable release of the new Microsoft Edge! Please review the security baseline (DRAFT) for Microsoft Edge version 79, and send us your feedback through the Baselines Discussion site.Every organization faces security threats. However, the types of security threats that are of most concern to one organization can be completely different from another organization. For example, an e-commerce company may focus on protecting its Internet-facing web apps, while a hospital may focus on protecting confidential patient information. The one thing that all organizations have in common is a need to keep their apps and devices secure.
A security baseline is a group of Microsoft-recommended configuration settings that explains their security impact. These settings are based on feedback from Microsoft security engineering teams, product groups, partners, and customers.

Security baselines are an essential benefit to your organization because they bring together expert knowledge from Microsoft, partners, and customers.
For example, there are 200+ Microsoft Edge Group Policy settings for Windows. Of these settings, only some are security-related.  Although Microsoft provides extensive guidance on these policies, exploring each one can take a long time. You would have to determine the security impact of each setting on your own. Then, you would still need to determine the appropriate value for each setting.
In modern organizations, the security threat landscape is constantly evolving, and IT administrators and policy-makers must keep up with security threats and make required changes to Microsoft Edge security settings to help mitigate these threats. To enable faster deployments and make managing Microsoft Edge easier, Microsoft provides customers with security baselines that are available in consumable formats, such as Group Policy Objects backups.

As with our current Windows and Office security baselines, our recommendations for Microsoft Edge configuration follow a streamlined and efficient approach to baseline definition when compared with the baselines we published before Windows 10. The foundation of that approach is essentially this:
The baselines are designed for well-managed, security-conscious organizations in which standard end users do not have administrative rights.
A baseline enforces a setting only if it mitigates a contemporary security threat and does not cause operational issues that are worse than the risks they mitigate.
A baseline enforces a default only if it is otherwise likely to be set to an insecure state by an authorized user:
If a non-administrator can set an insecure state, enforce the default.
If setting an insecure state requires administrative rights, enforce the default only if it is likely that a misinformed administrator will otherwise choose poorly.

(For further explanation, see the “Why aren’t we enforcing more defaults?” section in this blog post.)

You can use security baselines to:
Ensure that user and device configuration settings are compliant with the baseline.
Set configuration settings. For example, you can use Group Policy, System Center Configuration Manager, or Microsoft Intune to configure a device with the setting values specified in the baseline.

For version 78, see Security baseline (DRAFT) for Chromium-based Microsoft Edge, version 78.
For version 79, see Security baseline (DRAFT) for Chromium-based Microsoft Edge, version 79.
Future draft security baselines versions will be posted to the Microsoft Security Baselines Blog, and final security baselines will be available in the Security Compliance Toolkit (SCT).

Check out our Microsoft Edge enterprise documentation to learn more about deploying and managing the next version of Microsoft Edge.
– Forbes Higman, Program Manager, Microsoft Edge enterprise security– Brian Altman, Program Manager, Microsoft Edge manageability