Microsoft Edge Developer Guide

Tip

Test on Microsoft Edge free from any browser: We partnered with BrowserStack to get free live and automated testing on Microsoft Edge.

What's new in EdgeHTML 15

Here are the changes shipped with the current release of the Microsoft Edge platform, as of the Windows 10 Creators Update (Build 15063) (04/2017). For an overview of changes to the overall Microsoft Edge browser, see What’s new in Microsoft Edge in the Windows 10 Creators Update

For changes in subsequent Windows Insider Preview builds, see the Microsoft Edge Changelog.

Here's the permalink for the following list of changes: https://aka.ms/devguide_edgehtml_15

New features

CSS Custom Properties

Microsoft Edge now supports CSS Custom Properties, a.k.a CSS Variables. CSS Variables allow you to create custom CSS properties that can be reused throughout stylesheets to help reduce the amount of duplicate data, like repeated colors. Using CSS Variables is simple:

/* define a custom property by using two dashes and assign it a value */
body {   
   --default-color: #3390b1
}

/* reference it in your stylesheet with the "var()" function */
h1 {
   color: var(--default-color);
}

Intersection Observer

EdgeHTML 15 introduces the Intersection Observer API specification. The Intersection Observer API allows you to asynchronously query the position and visibility of DOM elements relative to other elements or the global viewport. This API eliminates the need for custom expensive code by creating a method to efficiently notify elements when they are in view.

Payment Request API

The Payment Request API is now supported, enabling simpler checkout and payments on the web with Microsoft Wallet on Windows 10 PCs and Phones. This API enables Microsoft Edge to act as an intermediary between merchants, consumers, and the payment methods (e.g. credit cards) that consumers have stored in the cloud. For more information on the Payment Request API, check out Simpler web payments: Introducing the Payment Request API and the Payment Request API developer guide.

TCP Fast Open (TFO)

TCP Fast Open is a feature that reduces the number of round trips required to open a TCP connection, improving browser networking performance. For more details, see Building a faster and more secure web with TCP Fast Open. Due to interoperability differences in various network topologies, this features is not enabled by default in Microsoft Edge. To enable it, type about:flags in your address bar, and select the checkbox for Enable TCP Fast Open under the Networking section.

WebRTC and interoperable RTC video codec support

EdgeHTML 15 supports a subset of the WebRTC 1.0 API for interoperability with applications built with earlier versions of the W3C WebRTC-PC API circa 2015. See the WebRTC API reference for details.

To take advantage of our most advanced features in peer-to-peer audio and video communication, we recommend using the Object Real-Time Communication) API. The ORTC API is better suited for situations where you want to set up group audio and video calls, or directly control individual transport, sender, and receiver objects.

The Microsoft Edge supports both H.264/AVC and VP8 video with ORTC and WebRTC 1.0, and provides the following features in support of both codec types: abs-send-time, goog-remb, Picture Loss Indication and Generic NACK feedback, RTP Retransmission.

For more info, see Introducing WebRTC 1.0 and interoperable real-time communications in Microsoft Edge.

WebVR

Microsoft Edge now has support for WebVR, an experimental API that connects Windows Mixed Reality head mounted displays and Edge. This connection enables VR content to be experienced within a website, meaning immersive VR experiences are no longer limited to desktop applications.

Virtual reality in Edge is powered by WebGL, a JavaScript API for rendering 3D and 2D graphics. WebGL applications and applications built with WebGL libraries like BabylonJS are supported. Once connected, WebVR sends visuals corresponding to the position and sensor information around the headset. The WebVR API also supports spatial controllers thanks to an extension to the Gamepad API. This API is on by default, so no need to toggle a flag.

To get a feel for what it looks like to work with the API, here’s some basic code to render a frame to both eyes of a Windows Mixed Reality device.

See the WebVR API reference and Gamepad API reference for details.

Note

Since the WebVR spec is still in development, Edge's implementation may change later down the line.

Updated features

Content Security Policy (Level 2)

Sites already using CSP 1 should continue to work with Microsoft Edge support for CSP 2, however it's best to switch any frame-src directives that load worker scripts to the new child-src directive to future-proof your site. (In CSP 3, frame-src will no longer apply to workers.) CSP 2 also adds the following:

  1. New directives: base-uri, child-src, form-action, frame-ancestors and plugin-types. See Edge supported CSP directives for more.

  2. Workers support: Background worker scripts are governed by their own policy, separate from the policy of the document loading them. As with host documents, you can set the CSP for a worker in the response header. Also new in CSP 2 is that allow-scripts and allow-same-origin flags of the sandbox directive now affect worker thread creation.

  3. Inline scripts and styles: CSP 2 allows for the execution of inline scripts and style blocks by providing nonces and hashes as a whitelisting mechanism. Nonces are random base-64 values generated on each page load that appears in both the CSP policy and in the script tags in the page. When the page is dynamically generated on load, the server generates a nonce value, inserts it into the NonceToken in the page and also declares it in the Content Security Policy HTTP header. Hashes are static values generated (via sha256, sha384 or sha512 algorithms) from the content of a <script> or <style> element that are then specified (via script-src or style-src directives) in the CSP policy.

  4. CSP violation reporting: A new event, SecurityPolicyViolationEvent is now fired upon CSP violations. The earlier mechanism for CSP reporting, report-uri, continues to be supported. Several new fields have been added to the violation reports common to both, including effectiveDirective (the policy that was violated), statusCode (the HTTP response code), sourceFile (the URL of the offending resource), lineNumber, and columnNumber.

Web Authentication

Edge support for the emerging Web Authentication API using Windows Hello biometrics has been updated with the following changes:

  • The initial implementation of the experimental Web Authentication API introduced in EdgeHTML 14 (Windows 10 Anniversary Update, build 10240, 7/2016) was exposed through MS- prefixed APIs (the MSCredentials interface). While these APIs are still available in EdgeHTML 15, they are now deprecated in favor of the non-prefixed, standards-based APIs and behaviors defined in a more recent snapshot of the specification, and are likely to continue changing as the spec matures toward standardization.

  • The latest Edge implementation is turned off by default and ships behind a flag (type about:flags in your address bar to turn on the feature).

  • Microsoft Edge does not yet support external credentials like USB keys or Bluetooth devices. The current API is limited to embedded credentials stored in the TPM. A software fallback is used if TPM is not available on the device.

  • The currently logged in Windows user account must be configured to support at least a PIN, and preferably face or fingerprint biometrics. This is to ensure that Windows can authenticate the access to the TPM.

  • Of the predefined extensions described in the spec, Microsoft Edge only supports the FIDO AppId (webauthn_txAuthSimple) at this time.

  • The timeoutSeconds option is not currently evaluated

WebDriver

EdgeHTML 15 brings a handful of WebDriver updates including support for the silent command line flag and new command endpoints:

Method URI Template Command
POST /session/{session id}/alert/accept Accept Alert
POST /session/{session id}/alert/dismiss Dismiss Alert
GET /session/{session id}/alert/text Get Alert Text
POST /session/{session id}/alert/text Send Alert Text
POST /session/{session id}/execute/async Execute Async Script
POST /session/{session id}/execute/sync Execute Script
GET /session/{session id}/window Get Window Handle
GET /session/{session id}/window/handles Get Window Handles

For more info and the status of other WebDriver features, check out WebDriver commands.

New APIs in EdgeHTML 15

Here's the full list of new APIs in EdgeHTML 15. They are listed in the format of [interface name].[api name].

Previous EdgeHTML releases

EdgeHTML 13 / Windows build 14393 (11/2015)

EdgeHTML 14 / Windows build 10240 (7/2016)