Brandon Wilson & Tan Tran
Hi IT Pros,
We still get the questions about Internet Explorer migration to Edge Chromium once in a while, especially from Government Agency Customers, the questions usually related to the in-house legacy application’ compatibility and developer's tools.
Today we discuss about all thing migration from IE to Edge, I have combined a check list of Edge's features, how to run Edge in IE compatible mode and its limitations for your review. We also touch on the new Edge feature for developers, the Webview2 tool which will be available in the near future.
Migration from IE to Edge check list.
ActiveX control, Silverlight, Java Objects (BHOs) like Silverlight or Java. However, if you're running web apps that use ActiveX controls, BHOs, or legacy document modes on Internet Explorer 11, you can configure them to run in IE mode on the new Microsoft Edge IE mode on Microsoft Edge makes it easy to use all of the sites your organization needs in a single browser. It uses the integrated Chromium engine for modern sites, and it uses the Trident MSHTML engine from Internet Explorer 11 (IE11) for legacy sites. When a site loads in IE mode, the IE logo indicator displays on the left side of navigation bar. You can click the IE logo indicator to display additional information, as shown here: |
Edge browser in IE mode, features and configuration: Only those sites that you specifically configure (via policy) will use the IE mode: Entering the site FQDN names in the Enterprise Mode Site List XML defined in one of these policies: - Microsoft Edge, "Configure the Enterprise Mode Site List" - Internet Explorer, "Use the Enterprise Mode IE website list" The Microsoft Edge site list policy takes precedence over the Internet Explorer site list policy. IE mode supports the following Internet Explorer functionality - All document modes and enterprise modes - ActiveX controls (such as Java or Silverlight) - Browser Helper Objects - Internet Explorer settings and Group Policies that affect the security zone settings and Protected Mode - The F12 developer tools for IE, when launch with IEChooser - Microsoft Edge extensions (Extensions that interact with the IE page content directly are not supported.) IE mode doesn't support the following Internet Explorer functionality - Internet Explorer toolbars. - Internet Explorer settings and Group Policies that affect the navigation menu (for example - search engines, and home pages). - IE11 or Microsoft Edge F12 developer tools with the exception of IEChooser.
|
Using GPO to enable Edge Enterprise mode (IE compatible mode) Computer configuration\Policies\Administrative template\Microsoft Edge
|
Using GPO to enable IE Enterprise mode Administrative Templates\Windows Components\Internet Explorer\Use the Enterprise Mode IE website list
More info: Turn on Enterprise Mode and use a site list (Internet Explorer 11 for IT Pros) - Internet Explorer | Microsoft Docs
Add multiple sites to the Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.2) (Internet Explorer 11 for IT Pros) - Internet Explorer | Microsoft Docs |
If you know that your intranet sites are not going to work correctly with Microsoft Edge, you can configure Microsoft Edge GPO with setting named "set all intranet sites to open using IE11" to redirect intranet sites traffic to IE11 automatically as shown here: Computer configuration\Policies\Administrative template\Microsoft Edge
|
Edge could detect and automatically redirect traffic from IE to Edge if there is incompatible function. Many modern websites have designs that are incompatible with Internet Explorer (IE). When an IE user visits an incompatible public website, the user may get a message about incompatible browser. After the message, starting with version 84, IE will automatically redirects users to Microsoft Edge.
Redirection from Internet Explorer to Microsoft Edge requires an Internet Explorer Browser Helper Object (BHO) named "IEtoEdge BHO". The RedirectSitesFromInternetExplorerPreventBHOInstall policy controls whether or not this BHO is installed. |
IE incompatible banner If IE detect a modern Web site and it is incompatible with: - A website incompatibility banner is displayed under the address bar for each redirection. - Users may continue to use IE for websites that are not on the IE compatibility list. - To Add or Remove Public site in compatible list : you could email your suggestion to - When a site is redirected from Internet Explorer to Microsoft Edge, the Internet Explorer tab that started loading the site is closed if it had no prior content. Otherwise, the active tab view goes to a Microsoft support page that explains why the site was redirected to Microsoft Edge.
|
Microsoft Edge supported browser privacy with tracking prevention feature: The tracking prevention feature in Microsoft Edge protects users from online tracking by restricting the ability of trackers to access browser-based storage as well as the network. - To configure, typing in the url address box: "edge://settings/privacy" - If any of the visited host names match with a host name on the Disconnect lists of Edge, Microsoft Edge proceeds with evaluating enforcement actions to prevent users from being tracked. - You could set 3 level of prevention as shown here: |
|
To Unblock tracking prevention for Company's Web Developer: Microsoft is currently working on the Storage Access API in the Chromium codebase. The Storage Access API gives site developers a way to request storage access from users directly, to quickly and intuitively unblock themselves. |
|
Mitigation of "tracking prevention" for the companies belonged to the same Org or the Org acquired by your Company: Microsoft Edge exempts a site from tracking prevention when the site is making third-party requests to other sites owned by the same parent organization (as defined in the Disconnect entities.json list) |
Edge Security Best practice - Enabling SmartScreen to protect the system running Edge Microsoft Defender SmartScreen is a service that Microsoft Edge uses to keep you safe while you browse the web. Microsoft Defender SmartScreen provides an early warning system, based on Microsoft Security Intelligence about web sites ' reputation (Web site URL whitelist and Black list), against websites that might engage in phishing attacks or attempt to distribute malware through a focused attack. - SmartScreen is enable by default on Edge, you could prevent End User from acting to disable SmartScreen by using GPO. - Whenever there is a false positive blockage of legitimate Web URL, you should provide the information to the Defender SmartScreen Support Team to clear the blockage instead of disable the SmartScreen function - The following screenshot shown the report's content:
More detail about how to report about smartsreen blocking a legitimate URL or an appropriate
|
Edge Security recommendation - Using Windows 10 Defender Application Guard (WDAG) - WDAG for Microsoft Edge is the strongest form of isolation today, users of Windows 10 Enterprise can run the Microsoft Edge browser in a fully isolated hardware environment. Doing so provides the highest level of protection against zero-day exploits, unpatched vulnerabilities, and web-based malware. - The WDAG use Hyper-V virtual container to provides a temporary environment for users to experience the Internet. The ability to refresh the container when a user logs off means malware does not have a place to persist.
more detail at Making Microsoft Edge the most secure browser with Windows Defender Application Guard - Microsoft Security
|
Using Microsoft Edge DevTools to debug Office-Add-in: When the Office add-in is running in Microsoft Edge, you can use the Microsoft Edge DevTools. > Run the add-in. > Run the Microsoft Edge DevTools. > In the tools, open the Local tab. Your add-in will be listed by its name. > Click the add-in name to open it in the tools. > Open the Debugger tab. > Choose the folder icon above the script (left) pane. From the list of available files shown in the dropdown list, select the JavaScript file that you want to debug. > To set a breakpoint, select the line. You will see a red dot to the left of the line and a corresponding line in the Call stack (bottom right) pane. > Execute functions in the add-in as needed to trigger the breakpoint.
|
About ClickOnce and DirectInvoke: Currently, Edge Chromium doesn't provide native support for ClickOnce or DirectInvoke. ClickOnce and DirectInvoke are features available in IE and Microsoft Edge classic (version 45 and earlier) that support the use of a file handler to download files from a website. ClickOnce requests are handled by the native file handler in Windows. DirectInvoke requests are handled by a registered file handler specified by the website hosting the file. ClickOnce and DirectInvoke in Microsoft Edge | Microsoft Docs |
Edge Group Policy list:
Applies to Microsoft Edge version 77 or later (Edge Chromium).
NEW POLICIES |
|
Name |
Caption |
Allow Basic authentication for HTTP |
|
Do not set window.opener for links targeting _blank |
|
Allow the Web widget |
|
Enable the Web widget at Windows startup |
Available Browser policies
AVAILABLE POLICIES |
|
|
|
|
|
To configure the group policy for a default file type and protocol associations configuration file:
- Open the Group Policy editor and go to the Computer Configuration\Administrative Templates\Windows Components\File Explorer.
- Select Set a default associations configuration file.
Importing other Browser's favorite items into Microsoft Edge:
Open Microsoft Edge and select Settings and more at the top corner of the window.
Select Favorites > Import.
Under Import from, select the browser from which you want to import your favorites or select Favorites or bookmarks HTML file.
More Edge features and documents:
WebView2 is Microsoft’s new embedded web control (11-19-2020), built on top of Microsoft Edge (Chromium). The Microsoft Edge WebView2 control enables you to embed web technologies (HTML, CSS, and JavaScript) in your native applications |
|
Edge browser 46 tips |
|
Deploy and Update Edge by SCCM |
https://docs.microsoft.com/en-us/mem/configmgr/apps/deploy-use/deploy-edge
|
All Edge Documents |
Microsoft Edge documentation - Microsoft Edge Development | Microsoft Docs |
Reference:
- Moving users to Microsoft Edge from Internet Explorer - Microsoft Edge Development | Microsoft Docs
- Tracking Prevention in Microsoft Edge (Chromium) - Microsoft Edge Development | Microsoft Docs
- Developing for the web with the power of building a native desktop application.
- Add multiple sites to the Enterprise Mode site list using a file and the Enterprise Mode Site List Manager (schema v.2) (Internet Explorer 11 for IT Pros) - Internet Explorer | Microsoft Docs
- About IE mode | Microsoft Docs
- Microsoft Edge Tips
- Microsoft Edge Browser Policy Documentation | Microsoft Docs
- Microsoft Edge: Configure IE Mode (Part 1) – Azure Cloud & AI Blog