Forum Discussion
GPO Force InPrivate browsing setting breaks webview2 client.
artroy ,
A few questions/suggestions:
- You mentioned "multi app use": Is this referring to the multi-app kiosk mode in Windows? If not, have you tried evaluating this mode for your needs? Set up a multi-app kiosk on Windows 10 - Configure Windows | Microsoft Docs
- This mode locks Windows down to only the allowed apps and prevents the regular taskbar and "normal" start menu from showing up.
- Here's an example solution post that maybe of relevance to your needs: Setup an Edge Chromium based Kiosk device with Microsoft Intune | (inthecloud247.com)
- You mentioned trying out Edge kiosk as an attempt to migrate from WebView2, though, "After making that change all webview2 clients threw an error upon launch" indicates the apps are still using WebView2. Is this still a requirement?
- Instead of forcing InPrivate mode, have you tried other policies to prevent users from modifying settings? Here are some suggestions:
- AddressBarEditingEnabled - though this would mean users CANNOT modify the address bar contents at all
- URLBlocklist and/or URLAllowlist
Let us know how this goes 🙂
- You mentioned "multi app use": Is this referring to the multi-app kiosk mode in Windows? If not, have you tried evaluating this mode for your needs? Set up a multi-app kiosk on Windows 10 - Configure Windows | Microsoft Docs
Kelly_Y We are using the full screen signage experience. We use GPO to create Edge web link tiles in the start menu. The web links call the site using "--kiosk "http://www.contoso.com" --edge-kiosk-type=fullscreen". We currently have multi app use on these devices as some of them require the use of other programs. We are using 20h2 and 21h2 at this time and the version of Edge is 99.0.1150.46.
If I set it to use public browsing that does force the link to open to InPrivate but they can still right click in the taskbar and open a new Edge window that will be in a none private mode. Using IE kiosk mode allows right click on the taskbar and the new IE window that opens is still in a locked down state.
Microsoftartroy ,
A few questions/suggestions:
- You mentioned "multi app use": Is this referring to the multi-app kiosk mode in Windows? If not, have you tried evaluating this mode for your needs? Set up a multi-app kiosk on Windows 10 - Configure Windows | Microsoft Docs
- This mode locks Windows down to only the allowed apps and prevents the regular taskbar and "normal" start menu from showing up.
- Here's an example solution post that maybe of relevance to your needs: Setup an Edge Chromium based Kiosk device with Microsoft Intune | (inthecloud247.com)
- You mentioned trying out Edge kiosk as an attempt to migrate from WebView2, though, "After making that change all webview2 clients threw an error upon launch" indicates the apps are still using WebView2. Is this still a requirement?
- Instead of forcing InPrivate mode, have you tried other policies to prevent users from modifying settings? Here are some suggestions:
- AddressBarEditingEnabled - though this would mean users CANNOT modify the address bar contents at all
- URLBlocklist and/or URLAllowlist
Let us know how this goes 🙂
- Thanks for your reply! The solution we have configured at this point utilizes the methods from your third point. We have configured the URLBlocklist to block pretty much any address that is linkable from the Edge menu. We are using AddressBarEditingEnabled to prevent users from typing in URLs. The last setting the really helped us was setting the homepage and new tab page to 'about:blank'. Having 'about:blank' as the start page prevents users from doing things like setting pins and installing a page as an 'app'.
Thanks again for your help!