Jan 31 2020 12:01 PM
Version 81.0.410.0 (Official build) canary (64-bit)
I went to WDAG mode window, installed an extension from Microsoft add-on store, continued browsing the web for few minutes, then i closed the Application Guard window and closed Edge.
waited approx 1 or 2 minutes, launched Edge canary again and started a new Application Guard window, then I noticed the extension that I had installed is still in there!
that was absolutely not what I expected, the Application Guard window should flush itself and clear all of user data once closed.
Feb 05 2020 11:30 AM
@HotCakeX - Thanx for the feedback. Currently the functionality is when "Allow Data persistence For ..." policy is enabled on the device. The Application Guard will persist the previous state. If this policy is turned off the state is flushed on container startup.
Feb 05 2020 12:00 PM - edited Feb 10 2020 11:41 PM
that wasn't it though in my case, turns out this feature is the culprit
which is a flag and apparently enabled by default?
If enabled, Microsoft Edge Application Guard will be prelaunched in the background when recently used. – Windows
when the prelaunch happens and i can see it happen in the task manager, so when it happens, the data is not flushed, it is retained until a specific time is past and then Edge flushes it.
I don't know how many minutes or hours it takes, no information available about it.
but i'm sure it wasn't a policy, this is my own personal system and i never set anything like that.
Feb 10 2020 02:57 PM
Feb 10 2020 11:36 PM - edited Feb 10 2020 11:51 PM
Hope this info help solve the issue
Feb 12 2020 01:49 PM
Solution@HotCakeX This all sounds as expected behavior. With persistence disabled, the extensions (and other settings/data) will persist as long as the container VM exists (it will be destroyed when the host shuts down). The container VM might be destroyed before that -- you can force the issue by restarting the hvsics service for example.
You can see if you have persistence policy on/off at edge://application-guard-internals/#host (look for "container persistence" in the "Policies" section).
It would be unexpected for the extension settings to outlive the container (when persistence is disabled) -- that they are going away with a restart indicates this is all working.
Tying the profile (settings) lifetime to the browser lifetime (instead of the container lifetime) is something we are discussing internally.
Feb 13 2020 03:28 AM
Feb 12 2020 01:49 PM
Solution@HotCakeX This all sounds as expected behavior. With persistence disabled, the extensions (and other settings/data) will persist as long as the container VM exists (it will be destroyed when the host shuts down). The container VM might be destroyed before that -- you can force the issue by restarting the hvsics service for example.
You can see if you have persistence policy on/off at edge://application-guard-internals/#host (look for "container persistence" in the "Policies" section).
It would be unexpected for the extension settings to outlive the container (when persistence is disabled) -- that they are going away with a restart indicates this is all working.
Tying the profile (settings) lifetime to the browser lifetime (instead of the container lifetime) is something we are discussing internally.