Api enhanced security mode state #5518
Open
+148
−148
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Document the Enhanced Security Mode (ESM) feature for WebView2, including its background, description, examples, and API details.
…crosoftEdge/WebView2Feedback into api-EnhancedSecurityModeState
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Proposed Update to Existing Experimental API
This change updates the experimental API
CoreWebView2Profile.EnhancedSecurityModeLevel → CoreWebView2Profile.EnhancedSecurityModeState
to better align with the terminology used in the Enhanced Security Mode (ESM) origin setting API.
Enum Renames
Off → Disabled
Strict → Enabled
Rationale
Since Enhanced Security Mode is now also configurable through the origin setting API, the existing property name (EnhancedSecurityModeLevel) and its enum values (On/Off) can lead to ambiguity.
Renaming the property to EnhancedSecurityModeState and the enum values to Enabled and Disabled makes terminology consistent across both APIs and clearly expresses that this is a simple state, not a "level".
This improves clarity, aligns with the origin-settings-based configuration model, and reduces confusion for developers using both APIs.