You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
description: How to run compiled code in your extension at near-native speed, by using WebAssembly (Wasm).
4
+
author: MSEdgeTeam
5
+
ms.author: msedgedevrel
6
+
ms.topic: conceptual
7
+
ms.service: microsoft-edge
8
+
ms.subservice: extensions
9
+
ms.date: 02/12/2025
10
+
---
11
+
# Run compiled code in an extension
12
+
13
+
You can run compiled code in your extension at near-native speed, by using WebAssembly (Wasm). WebAssembly is a low-level assembly-like language which many other languages, such as C, C++, or Rust, can compile to, and which can run at near native-speed in web browsers.
14
+
15
+
See:
16
+
*[WebAssembly](https://developer.mozilla.org/docs/WebAssembly) at MDN.
<!-- sections that point to this article because of this section:
23
+
* [Native Client (NaCl) no longer supported](../whats-new/roadmap.md#native-client-nacl-no-longer-supported) in _Roadmap for Microsoft Edge Add-ons_.
24
+
* "Removal of Native Client (NaCl)" table row in [Earlier versions](../../web-platform/site-impacting-changes?tabs=earlier#high-impact-changes) in _Site compatibility-impacting changes coming to Microsoft Edge_.
25
+
-->
26
+
27
+
To enhance web security and performance, Native Client (NaCl) is no longer supported by Microsoft Edge (along with other browsers). Native Client (NaCl) was supported through Edge version 115. In 116 to 119, NaCl was only usable by enabling an enterprise policy. Starting with 120 (December 2023), support for NaCl was completely removed.
28
+
29
+
NaCl is a sandbox for running compiled C and C++ code in browsers efficiently and securely, independently of the user's operating system. WebAssembly (Wasm) is recommended instead of NaCl.
Native Client (NaCl) was supported through Edge version 115. In 116 to 119, NaCl was only usable by enabling an enterprise policy. Starting with 120 (December 2023), support for NaCl was completely removed.
29
+
30
+
To enhance web security and performance, Native Client (NaCl) is no longer supported by Microsoft Edge (along with other browsers). WebAssembly (Wasm) is recommended instead of NaCl; see [Run compiled code in an extension](../developer-guide/run-compiled-code.md).
| WebGPU `maxInterStageShaderComponents` limit | v133 || The WebGPU `maxInterStageShaderComponents` limit is being removed. See [Deprecate WebGPU limit maxInterStageShaderComponents](./release-notes/133.md#deprecate-webgpu-limit-maxinterstageshadercomponents). |
39
-
|`<link rel=prefetch>` five-minute rule | v133 || Previously, when a resource was prefetched by using `<link rel=prefetch>`, its cache semantics (specifically, `max-age` and `no-cache`) were ignored for the first use within 5 minutes, to avoid refetching. Now, this special case has been removed, and normal HTTP cache semantics are used. See [Remove `<link rel=prefetch>` five-minute rule](./release-notes/133.md#remove-link-relprefetch-five-minute-rule). |
40
38
| Insecure downloads over HTTP | Future release (TBD) || When a user tries to download potentially dangerous content from an HTTP site, the user will receive a UI warning, such as "Insecure download blocked." The user will still have an option to proceed and download the item. Admins can use the `InsecureContentAllowedForUrls` policy to specify HTTP sites for which the warning will be suppressed. Admins can use the `InsecureDownloadWarnings` feature flag to test the impact of this upcoming feature. |
41
39
| Deprecate unload event | Future release (TBD) || Introduces a new Permission-Policy to allow creating unload event listeners. The default policy is `allow`, but the default policy will gradually be migrated to `deny`, such that unload handlers stop firing on pages, unless a page explicitly opts in to re-enable them. This change is happening in the Chromium project, on which Microsoft Edge is based. For more information, see [Intent to Deprecate: Deprecate unload event](https://groups.google.com/a/chromium.org/g/blink-dev/c/dvusqw9-IhI/m/SBkm_u1RAQAJ). |
42
40
| Removal of cross-origin subframe JavaScript dialogs | Future release (TBD) || Removes `window.alert`, `window.prompt`, and `window.confirm` from cross-origin iframes. This change is happening in the Chromium project, on which Microsoft Edge is based. For more information, see [Intent to Remove: Cross origin subframe JS Dialogs](https://groups.google.com/a/chromium.org/g/blink-dev/c/hTOXiBj3D6A/m/JtkdpDd1BAAJ). |
41
+
| WebGPU `maxInterStageShaderComponents` limit | v133 || The WebGPU `maxInterStageShaderComponents` limit is being removed. See [Deprecate WebGPU limit maxInterStageShaderComponents](./release-notes/133.md#deprecate-webgpu-limit-maxinterstageshadercomponents). |
42
+
|`<link rel=prefetch>` five-minute rule | v133 || Previously, when a resource was prefetched by using `<link rel=prefetch>`, its cache semantics (specifically, `max-age` and `no-cache`) were ignored for the first use within 5 minutes, to avoid refetching. Now, this special case has been removed, and normal HTTP cache semantics are used. See [Remove `<link rel=prefetch>` five-minute rule](./release-notes/133.md#remove-link-relprefetch-five-minute-rule). |
43
43
| Deprecate `textprediction` attribute | v133 || Removes support for the `textprediction` HTML attribute, which is a nonstandard attribute that's used to enable or disable the browser-based Text Prediction feature for long-form text inputs. Instead, use the standardized `writingsuggestions` attribute, which functions similarly to `textprediction`, but also applies to other writing-assistance features that browsers may provide. Sites that explicitly set `textprediction` to `true` or `false` can instead set `writingsuggestions` to the same value. For more information, see [Writing suggestions](https://html.spec.whatwg.org/multipage/interaction.html#writing-suggestions) in the HTML specification. |
44
44
| Removal of Token Binding support | v127, v130 || Token Binding uses cryptographic certificates on both ends of the TLS connection in an attempt to close the security gap of bearer tokens, which may be lost or stolen. The enterprise policy [AllowTokenBindingsForUrls](/deployedge/microsoft-edge-policies#allowtokenbindingforurls) will no longer be supported, as of v127. Support for the Token Binding protocol will be removed in v130. |
45
45
| Removal of mutation events | v127 || Removes support for mutation events in Chromium. Use the [MutationObserver](https://developer.mozilla.org/docs/Web/API/MutationObserver) API instead. See [Intent to Deprecate: Mutation Events](https://groups.google.com/a/chromium.org/g/blink-dev/c/qDsKRU-cQ_4/m/isA1mZ_aAAAJ). |
@@ -51,6 +51,7 @@ This table lists high-impact changes which the Microsoft Edge team is tracking c
| Added support for AVIF and AV1 file formats | v121 || Microsoft Edge now supports the AVIF and AV1 file formats, which offer better compression and higher quality images and videos. Users can enjoy faster loading times and better quality media on websites. |
54
+
| Removal of Native Client (NaCl) | v120 || To enhance web security and performance, Native Client (NaCl) is no longer supported for Microsoft Edge (along with other browsers). NaCl was supported through v115. In v116 through v119, NaCl was only usable by enabling an enterprise policy. WebAssembly (Wasm) is recommended instead of NaCl; see [Run compiled code in an extension](../extensions-chromium/developer-guide/run-compiled-code.md). |
54
55
| Ignore modifications to `document.domain` by default | v119 || The `document.domain` property historically could be set to relax the same-origin policy and allow subdomains from a site to interact. This behavior will be disabled by default, such that setting the `document.domain` property will have no effect. For more information and workarounds, see [Microsoft Edge will disable modifying document.domain](/deployedge/edge-learnmore-origin-keyed-agent-cluster). |
55
56
| New TLS server certificate verifier | v111 (managed devices), v109 (unmanaged devices) || No site compatibility impacts are anticipated. If you have uncommon TLS server certificate deployments, you should test in v109 to confirm there's no impact. For more information and testing guidance, see [Changes to Microsoft Edge browser TLS server certificate verification](/deployedge/microsoft-edge-security-cert-verification). |
56
57
| Send CORS preflight requests for private network access | v104 | | Starting with v104, Microsoft Edge sends a CORS [preflight](https://developer.chrome.com/blog/private-network-access-preflight/) request before a page from the internet is allowed to request resources from a local network (intranet). The intranet server should respond to the preflight by providing explicit permission to access the resource. The result of this check is not yet enforced. Enforcement will begin in v111 at the earliest. This change is happening in the Chromium project, on which Microsoft Edge is based. For more information, see the [Chrome Platform Status entry](https://chromestatus.com/feature/5737414355058688) and [_Chrome Developers_ blog post](https://developer.chrome.com/blog/private-network-access-preflight/#rollout-plan). Two compatibility policies are available to suppress the CORS preflight request: [InsecurePrivateNetworkRequestAllowed](/deployedge/microsoft-edge-policies#insecureprivatenetworkrequestsallowed) and [InsecurePrivateNetworkRequestAllowedForUrls](/deployedge/microsoft-edge-policies#insecureprivatenetworkrequestsallowedforurls). |
0 commit comments