Table of Contents

Class CoreWebView2CustomSchemeRegistration

Namespace
Microsoft.Web.WebView2.Core
Assembly
Microsoft.Web.WebView2.Core.dll

Represents the registration of a custom scheme with the CoreWebView2Environment.

public class CoreWebView2CustomSchemeRegistration
Inheritance
CoreWebView2CustomSchemeRegistration
Inherited Members

Examples

custom-scheme-with-host://hostname/path/to/resource has origin of custom-scheme-with-host://hostname. custom-scheme-without-host:path/to/resource has origin of custom-scheme-without-host:path/to/resource.

Remarks

This allows the WebView2 app to be able to handle WebResourceRequested event for requests with the specified scheme and be able to navigate the WebView2 to the custom scheme. Once the environment is created, the registrations are valid and immutable throughout the lifetime of the associated WebView2s' browser process and any WebView2 environments sharing the browser process must be created with identical custom scheme registrations, otherwise the environment creation will fail. Any further attempts to register the same scheme will fail during environment creation. The URIs of registered custom schemes will be treated similar to http URIs for their origins. They will have tuple origins for URIs with host and opaque origins for URIs without host as specified in 7.5 Origin - HTML Living Standard For WebResourceRequested event, the cases of request URIs and filter URIs with custom schemes will be normalized according to generic URI syntax rules. Any non-ASCII characters will be preserved. The registered custom schemes also participate in CORS and adheres to CSP. The app needs to set the appropriate access headers in its WebResourceRequested event handler to allow CORS requests.

Constructors

CoreWebView2CustomSchemeRegistration(string)

Initializes a new instance of the CoreWebView2CustomSchemeRegistration class.

public CoreWebView2CustomSchemeRegistration(string schemeName)

Parameters

schemeName string

The name of the custom scheme to register.

Properties

AllowedOrigins

List of origins that are allowed to issue requests with the custom scheme, such as XHRs and subresource requests that have an Origin header.

public List<string> AllowedOrigins { get; set; }

Property Value

List<string>

Remarks

The origin of any request (requests that have the Origin header) to the custom scheme URI needs to be in this list. No-origin requests are requests that do not have an Origin header, such as link navigations, embedded images and are always allowed. Note that cross-origin restrictions still apply. From any opaque origin (Origin header is null), no cross-origin requests are allowed. If the list is empty, no cross-origin request to this scheme is allowed. Origins are specified as a string in the format of scheme://host:port. The origins are string pattern matched with (matches 0 or more characters) and ? (matches 0 or 1 character) wildcards just like the URI matching in the AddWebResourceRequestedFilter(string, CoreWebView2WebResourceContext) API. For example, http://.example.com:80.

Here's a set of examples of what is allowed or not:

Request URIOriginating URLAllowedOriginsAllowed
custom-scheme:requesthttps://www.example.com{"https://www.example.com"}Yes
custom-scheme:requesthttps://www.example.com{"https://*.example.com"}Yes
custom-scheme:requesthttps://www.example.com{"https://www.example2.com"}No
custom-scheme-with-authority://host/pathcustom-scheme-with-authority://host2{""}No
custom-scheme-with-authority://host/pathcustom-scheme-with-authority2://host{"custom-scheme-with-authority2://*"}Yes
custom-scheme-without-authority:pathcustom-scheme-without-authority:path2{"custom-scheme-without-authority:*"}No
custom-scheme-without-authority:pathcustom-scheme-without-authority:path2{"*"}Yes

HasAuthorityComponent

Set this property to true if the URIs with this custom scheme will have an authority component (a host for custom schemes). Specifically, if you have a URI of the following form you should set the HasAuthorityComponent value as listed.

URIRecommended HasAuthorityComponent value
custom-scheme-with-authority://host/pathtrue
custom-scheme-without-authority:pathfalse
public bool HasAuthorityComponent { get; set; }

Property Value

bool

Remarks

When this property is set to true, the URIs with this scheme will be interpreted as having a scheme and host origin similar to an http URI. Note that the port and user information are never included in the computation of origins for custom schemes. If this property is set to false, URIs with this scheme will have an opaque origin similar to a data URI. This property is false by default. Note: For custom schemes registered as having authority component, navigations to URIs without authority of such custom schemes will fail. However, if the content inside WebView2 references a subresource with a URI that does not have an authority component, but of a custom scheme that is registered as having authority component, the URI will be interpreted as a relative path as specified in RFC3986. For example, custom-scheme-with-authority:path will be interpreted as custom-scheme-with-authority://host/path. However, this behavior cannot be guaranteed to remain in future releases so it is recommended not to rely on this behavior.

SchemeName

The name of the custom scheme to register.

public string SchemeName { get; }

Property Value

string

TreatAsSecure

Whether the sites with this scheme will be treated as a Secure Context like an HTTPS site.

public bool TreatAsSecure { get; set; }

Property Value

bool