ICoreWebView2NavigationStartingEventArgs2

Undocumented in source.
version(Windows && inline_webview2_bindings && all)
interface ICoreWebView2NavigationStartingEventArgs2 : ICoreWebView2NavigationStartingEventArgs {
static const
GUID iid;
}

Members

Functions

get_AdditionalAllowedFrameAncestors
HRESULT get_AdditionalAllowedFrameAncestors(LPWSTR* value)

Get additional allowed frame ancestors set by the host app.

put_AdditionalAllowedFrameAncestors
HRESULT put_AdditionalAllowedFrameAncestors(LPCWSTR value)

The app may set this property to allow a frame to be embedded by additional ancestors besides what is allowed by http header X-Frame-Options and Content-Security-Policy frame-ancestors directive. If set, a frame ancestor is allowed if it is allowed by the additional allowed frame ancestors or original http header from the site. Whether an ancestor is allowed by the additional allowed frame ancestors is done the same way as if the site provided it as the source list of the Content-Security-Policy frame-ancestors directive. For example, if https://example.com and https://www.example.com are the origins of the top page and intermediate iframes that embed a nested site-embedding iframe, and you fully trust those origins, you should set this property to https://example.com https://www.example.com. This property gives the app the ability to use iframe to embed sites that otherwise could not be embedded in an iframe in trusted app pages. This could potentially subject the embedded sites to Clickjacking attack from the code running in the embedding web page. Therefore, you should only set this property with origins of fully trusted embedding page and any intermediate iframes. Whenever possible, you should use the list of specific origins of the top and intermediate frames instead of wildcard characters for this property. This API is to provide limited support for app scenarios that used to be supported by <webview> element in other solutions like JavaScript UWP apps and Electron. You should limit the usage of this property to trusted pages, and specific navigation target url, by checking the Source of the WebView2, and Uri of the event args.

Inherited Members

From ICoreWebView2NavigationStartingEventArgs

get_Uri
HRESULT get_Uri(LPWSTR* uri)

The uri of the requested navigation.

get_IsUserInitiated
HRESULT get_IsUserInitiated(BOOL* isUserInitiated)

TRUE when the navigation was initiated through a user gesture as opposed to programmatic navigation by page script. Navigations initiated via WebView2 APIs are considered as user initiated.

get_IsRedirected
HRESULT get_IsRedirected(BOOL* isRedirected)

TRUE when the navigation is redirected.

get_RequestHeaders
HRESULT get_RequestHeaders(ICoreWebView2HttpRequestHeaders* requestHeaders)

The HTTP request headers for the navigation.

get_Cancel
HRESULT get_Cancel(BOOL* cancel)

The host may set this flag to cancel the navigation. If set, the navigation is not longer present and the content of the current page is intact. For performance reasons, GET HTTP requests may happen, while the host is responding. You may set cookies and use part of a request for the navigation. Cancellation for navigation to about:blank or frame navigation to srcdoc is not supported. Such attempts are ignored. A cancelled navigation will fire a NavigationCompleted event with a WebErrorStatus of COREWEBVIEW2_WEB_ERROR_STATUS_OPERATION_CANCELED.

put_Cancel
HRESULT put_Cancel(BOOL cancel)

Sets the Cancel property.

get_NavigationId
HRESULT get_NavigationId(UINT64* navigationId)

The ID of the navigation.

Meta