One of the more common problems reported by Enterprises is that certain Edge/Chrome policies do not seem to work properly when the values are written to the registry. For instance, when using the about:policy page to examine the browser’s view of the applied policy, the customer might complain that a policy value they’ve entered inContinue reading “Edge/Chrome Policy Registry Entries”
Tag Archives: enterprise
Lock down web browsing using Kiosk Mode
Browsers get used in many different environments. Today, I take a look at scenarios where there’s either no interactive user (digital signage) or a potentially malicious user (internet kiosks). Digital Signage (fullscreen) Requirements In the Digital Signage scenario, there’s a full-screen webpage rendering and there are no user-accessible input devices– the canonical example here wouldContinue reading “Lock down web browsing using Kiosk Mode”
Per-Site Permissions in Edge
Last year, I wrote about how the new Microsoft Edge browser mostly ignores Security Zones (except in very rare circumstances) to configure security and permissions decisions. Instead, in Chromium per-site permissions are controlled by settings and policies expressed using a simple syntax with limited wildcarding support. Settings Page’s Site Permissions and Group Policy Internet ExplorerContinue reading “Per-Site Permissions in Edge”
Specifying Per-Site Policy with Chromium’s URL Filter Format
Chromium-based browsers like Microsoft Edge make very limited use of Windows Security Zones. Instead, most permissions and features that offer administrators per-site configuration via policy rely on lists of rules in the URL Filter Format. Filters are expressed in a syntax (Chrome Doc, Edge Doc) that is similar to other types of globbing rules, butContinue reading “Specifying Per-Site Policy with Chromium’s URL Filter Format”
Web Proxy Authentication
Last year, I wrote about how the new Microsoft Edge’s adoption of the Chromium stack changed proxy determination away from the Windows Service (WinHTTP Proxy Service) to similar but not identical code in Chromium. This change mostly goes unnoticed, but it can have performance and functionality implications. In today’s post, I want to explore anotherContinue reading “Web Proxy Authentication”
Seamless Single Sign-On
There are many different authentication primitives built into browsers. The most common include Web Forms authentication, HTTP authentication, client certificate authentication, and the new WebAuthN standard. Numerous different authentication frameworks build atop these, and many enterprise websites support more than one scheme. Each of the underlying authentication primitives has different characteristics: client certificate authentication isContinue reading “Seamless Single Sign-On”
Revealing Passwords
The Microsoft Edge browser, Edge Legacy, and Internet Explorer all offer a convenient mechanism for users to unmask their typing as they edit a password field: Clicking the little eye icon disables the masking dots so that users can see the characters they’re typing: This feature can be very useful for those of us whoContinue reading “Revealing Passwords”
“Can I… in the new Edge?” (Un-FAQ)
This post is intended to collect a random set of questions I’ve been asked multiple times about the new Chromium-based Edge. I’ll add to it over time. I wouldn’t call this a FAQ because these questions, while repeated, are not frequently asked. Last Update: March 10, 2023 Can I get a list of all supportedContinue reading ““Can I… in the new Edge?” (Un-FAQ)”
Microsoft’s Three Browsers
It’s an interesting time. Microsoft now maintains three different web browsers: Internet Explorer 11 Microsoft Edge Legacy (Spartan, v18 and below) Chromium-based Microsoft Edge (v79+) If you’re using Internet Explorer 11, you should stop; sometimes, this is easier said than done. If you’re using Legacy Microsoft Edge, you should upgrade to the new Microsoft EdgeContinue reading “Microsoft’s Three Browsers”
Security Zones in Edge
Last updated: 9 February 2023 Browsers As Decision Makers As a part of every page load, browsers have to make dozens, hundreds, or even thousands of decisions — should a particular API be available? Should a resource load be permitted? Should script be allowed to run? Should video be allowed to start playing automatically? ShouldContinue reading “Security Zones in Edge”
text/plain 