Microsoft Edge Developer

Hi, are you a web developer or designer?

“No, I just want to share feedback on Microsoft Edge.”

Please use the Feedback Hub (requires Windows 10) to submit your feedback in the Microsoft Edge category. This site is for web developer and designer feedback only. Other feedback will be closed without action.

“Yes, I’m a web developer or designer with feedback for the Microsoft Edge platform.”

Great! This site is where the Microsoft Edge team collects feature requests from the web developer and designer community in the categories listed to the right. For bugs on existing features, please log an issue on the Issue Tracker.

Your feedback will help us with planning and to better understand how web developers and designers are using the platform. Top standards-based feature requests will also be copied over to status.microsoftedge.com, where you can track its development status.

For the most actionable feedback, please search and up vote for existing suggestions before submitting a new suggestion, and create a separate suggestion per idea. Note that off topic or inappropriate suggestions may be moderated. The Microsoft Edge team will use suggestions as an important input, but there are several additional factors that inform the final roadmap.

A note from our lawyers: Please do not send any novel or patentable ideas, copyrighted materials, samples or demos which you do not want to grant a license to Microsoft. See the Terms of Service for more information.

How can we improve the Microsoft Edge developer experience?

You've used all your votes and won't be able to post a new idea, but you can still search and comment on existing ideas.

There are two ways to get more votes:

  • When an admin closes an idea you've voted on, you'll get your votes back from that idea.
  • You can remove your votes from an open idea you support.
  • To see ideas you have already voted on, select the "My feedback" filter and select "My open ideas".
(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Support "SameSite" cookie option

    The "SameSite" cookie prevents CSRF attacks by telling the browser not to send the cookie in requests that originate from sites other than the one that created it.

    Read the spec draft here:

    https://tools.ietf.org/html/draft-west-first-party-cookies-07

    Chrome already supports it as declared here:

    https://www.chromestatus.com/feature/4672634709082112

    453 votes
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      4 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
    • Content Security Policy Level 2

      CSP Level 2 bring with it the ability the whitelist inline script tags using the `script-src: nonce-<nonce>` directive.

      This allows applications that rely on a small set of inline scripts to still reap the xss-fighting benefits of disallowing all other inline scripts and inline event handlers.

      628 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
      • Never allow malicious tabs/pages to create modal dialogs that cannot be dismissed

        Edge should prevent a page from repeatedly popping up modal dialogs that block action on the current or other tabs. In IE 11, it is possible for a page to pop up a modal OS dialog window, and upon attempting to close that window, simply re-open it. I experienced this today with a rogue fake virus warning page, and had to kill the entire IE process to get rid of the dialog. Simply unacceptable from a security standpoint.

        114 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          Completed  ·  4 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
        • Upgrade Insecure Requests

          Upgrade Insecure Requests is a mechanism that web pages instruct user agents to upgrade priori insecure resource requests to secure transports before fetching them.

          This feature can make deploying HTTPS easier for websites.

          spec: https://w3c.github.io/webappsec/specs/upgrade/

          534 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            11 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
          • Don't see your idea?

          Microsoft Edge Developer

          Feedback and Knowledge Base