The Chromium Projects

Search this site

Except as otherwise noted, the content of this page is licensed under a Creative Commons Attribution 2.5 license, and examples are licensed under the BSD License.

Policy List

[List of Policies for Chrome 26]


This is the list of policies that Google Chrome respects. You don't need to change these settings by hand! You can download easy-to-use templates from http://www.chromium.org/administrators/policy-templates. The list of supported policies is the same for Chromium and Google Chrome, but their Windows registry locations differ. It starts with Software\Policies\Chromium for Chromium policies and with Software\Policies\Google\Chrome for Google Chrome policies.


Policy NameDescription
Allow Google Chrome Frame to handle the following content types
ChromeFrameContentTypesAllow Google Chrome Frame to handle the listed content types
Configure Google Drive options
DriveDisabledDisables Drive
DriveDisabledOverCellularDisables Google Drive over Cellular connections
Configure remote access options
RemoteAccessClientFirewallTraversalEnable firewall traversal from remote access client
RemoteAccessHostFirewallTraversalEnable firewall traversal from remote access host
RemoteAccessHostDomainConfigure the required domain name for remote access hosts
RemoteAccessHostRequireTwoFactorEnable two-factor authentication for remote access hosts
RemoteAccessHostTalkGadgetPrefixConfigure the TalkGadget prefix for remote access hosts
RemoteAccessHostRequireCurtainEnable curtaining of remote access hosts
Content Settings
DefaultCookiesSettingDefault cookies setting
DefaultImagesSettingDefault images setting
DefaultJavaScriptSettingDefault JavaScript setting
DefaultPluginsSettingDefault plugins setting
DefaultPopupsSettingDefault popups setting
DefaultNotificationsSettingDefault notification setting
DefaultGeolocationSettingDefault geolocation setting
DefaultMediaStreamSettingDefault mediastream setting
AutoSelectCertificateForUrlsAutomatically select client certificates for these sites
CookiesAllowedForUrlsAllow cookies on these sites
CookiesBlockedForUrlsBlock cookies on these sites
CookiesSessionOnlyForUrlsAllow session only cookies on these sites
ImagesAllowedForUrlsAllow images on these sites
ImagesBlockedForUrlsBlock images on these sites
JavaScriptAllowedForUrlsAllow JavaScript on these sites
JavaScriptBlockedForUrlsBlock JavaScript on these sites
PluginsAllowedForUrlsAllow plugins on these sites
PluginsBlockedForUrlsBlock plugins on these sites
PopupsAllowedForUrlsAllow popups on these sites
PopupsBlockedForUrlsBlock popups on these sites
NotificationsAllowedForUrlsAllow notifications on these sites
NotificationsBlockedForUrlsBlock notifications on these sites
Default HTML renderer for Google Chrome Frame
ChromeFrameRendererSettingsDefault HTML renderer for Google Chrome Frame
RenderInChromeFrameListAlways render the following URL patterns in Google Chrome Frame
RenderInHostListAlways render the following URL patterns in the host browser
AdditionalLaunchParametersAdditional command line parameters for Google Chrome
Default search provider
DefaultSearchProviderEnabledEnable the default search provider
DefaultSearchProviderNameDefault search provider name
DefaultSearchProviderKeywordDefault search provider keyword
DefaultSearchProviderSearchURLDefault search provider search URL
DefaultSearchProviderSuggestURLDefault search provider suggest URL
DefaultSearchProviderInstantURLDefault search provider instant URL
DefaultSearchProviderIconURLDefault search provider icon
DefaultSearchProviderEncodingsDefault search provider encodings
DefaultSearchProviderAlternateURLsList of alternate URLs for the default search provider
DefaultSearchProviderSearchTermsReplacementKeyParameter controlling search term placement for the default search provider
Extensions
ExtensionInstallBlacklistConfigure extension installation blacklist
ExtensionInstallWhitelistConfigure extension installation whitelist
ExtensionInstallForcelistConfigure the list of force-installed extensions
ExtensionInstallSourcesConfigure extension, app, and user script install sources
ExtensionAllowedTypesConfigure allowed app/extension types
Home page
HomepageLocationConfigure the home page URL
HomepageIsNewTabPageUse New Tab Page as homepage
Password manager
PasswordManagerEnabledEnable the password manager
PasswordManagerAllowShowPasswordsAllow users to show passwords in Password Manager
Policies for HTTP Authentication
AuthSchemesSupported authentication schemes
DisableAuthNegotiateCnameLookupDisable CNAME lookup when negotiating Kerberos authentication
EnableAuthNegotiatePortInclude non-standard port in Kerberos SPN
AuthServerWhitelistAuthentication server whitelist
AuthNegotiateDelegateWhitelistKerberos delegation server whitelist
GSSAPILibraryNameGSSAPI library name
AllowCrossOriginAuthPromptCross-origin HTTP Basic Auth prompts
Power mangement
ScreenDimDelayACScreen dim delay when running on AC power
ScreenOffDelayACScreen off delay when running on AC power
ScreenLockDelayACScreen lock delay when running on AC power
IdleDelayACIdle delay when running on AC power
ScreenDimDelayBatteryScreen dim delay when running on battery power
ScreenOffDelayBatteryScreen off delay when running on battery power
ScreenLockDelayBatteryScreen lock delay when running on battery power
IdleDelayBatteryIdle delay when running on battery power
IdleActionAction to take when the idle delay is reached
LidCloseActionAction to take when the user closes the lid
PowerManagementUsesAudioActivitySpecify whether audio activity affects power management
PowerManagementUsesVideoActivitySpecify whether video activity affects power management
PresentationIdleDelayScalePercentage by which to scale the idle delay in presentation mode
Proxy server
ProxyModeChoose how to specify proxy server settings
ProxyServerModeChoose how to specify proxy server settings
ProxyServerAddress or URL of proxy server
ProxyPacUrlURL to a proxy .pac file
ProxyBypassListProxy bypass rules
Startup pages
RestoreOnStartupAction on startup
RestoreOnStartupURLsURLs to open on startup
AllowFileSelectionDialogsAllow invocation of file selection dialogs
AllowOutdatedPluginsAllow running plugins that are outdated
AlternateErrorPagesEnabledEnable alternate error pages
AlwaysAuthorizePluginsAlways runs plugins that require authorization
ApplicationLocaleValueApplication locale
AudioCaptureAllowedAllow or deny audio capture
AudioOutputAllowedAllow playing audio
AutoFillEnabledEnable AutoFill
BackgroundModeEnabledContinue running background apps when Google Chrome is closed
BlockThirdPartyCookiesBlock third party cookies
BookmarkBarEnabledEnable Bookmark Bar
BuiltInDnsClientEnabledUse built-in DNS client
ChromeOsLockOnIdleSuspendEnable lock when the device become idle or suspended
ChromeOsReleaseChannelRelease channel
ChromeOsReleaseChannelDelegatedWhether the release channel should be configurable by the user
ClearSiteDataOnExitClear site data on browser shutdown (deprecated)
CloudPrintProxyEnabledEnable Google Cloud Print proxy
CloudPrintSubmitEnabledEnable submission of documents to Google Cloud Print
DefaultBrowserSettingEnabledSet Chrome as Default Browser
DeveloperToolsDisabledDisable Developer Tools
DeviceAllowNewUsersAllow creation of new user accounts
DeviceAllowRedeemChromeOsRegistrationOffersAllow users to redeem offers through Chrome OS Registration.
DeviceAppPackList of AppPack extensions
DeviceAutoUpdateDisabledDisables Auto Update
DeviceDataRoamingEnabledEnable data roaming
DeviceEphemeralUsersEnabledWipe user data on sign-out
DeviceGuestModeEnabledEnable guest mode
DeviceIdleLogoutTimeoutTimeout until idle user log-out is executed
DeviceIdleLogoutWarningDurationDuration of the idle log-out warning message
DeviceLoginScreenSaverIdScreen saver to be used on the sign-in screen in retail mode
DeviceLoginScreenSaverTimeoutDuration of inactivity before the screen saver is shown on the sign-in screen in retail mode
DeviceMetricsReportingEnabledEnable metrics reporting
DeviceOpenNetworkConfigurationDevice-level network configuration
DevicePolicyRefreshRateRefresh rate for Device Policy
DeviceShowUserNamesOnSigninShow usernames on login screen
DeviceStartUpUrlsLoad specified urls on demo login
DeviceTargetVersionPrefixTarget Auto Update Version
DeviceUpdateAllowedConnectionTypesConnection types allowed for updates
DeviceUpdateScatterFactorAuto update scatter factor
DeviceUserWhitelistLogin user white list
Disable3DAPIsDisable support for 3D graphics APIs
DisablePluginFinderSpecify whether the plugin finder should be disabled
DisablePrintPreviewDisable Print Preview
DisableSSLRecordSplittingDisable SSL record splitting
DisableSafeBrowsingProceedAnywayDisable proceeding from the Safe Browsing warning page
DisableScreenshotsDisable taking screenshots
DisableSpdyDisable SPDY protocol
DisabledPluginsSpecify a list of disabled plugins
DisabledPluginsExceptionsSpecify a list of plugins that the user can enable or disable
DisabledSchemesDisable URL protocol schemes
DiskCacheDirSet disk cache directory
DiskCacheSizeSet disk cache size in bytes
DnsPrefetchingEnabledEnable network prediction
DownloadDirectorySet download directory
EditBookmarksEnabledEnables or disables bookmark editing
EnableOnlineRevocationChecksWhether online OCSP/CRL checks are performed
EnabledPluginsSpecify a list of enabled plugins
EnterpriseWebStoreNameEnterprise web store name
EnterpriseWebStoreURLEnterprise web store URL
ExternalStorageDisabledDisable mounting of external storage
ForceSafeSearchForce SafeSearch
GCFUserDataDirSet Google Chrome Frame user data directory
HideWebStorePromoPrevent app promotions from appearing on the new tab page
ImportBookmarksImport bookmarks from default browser on first run
ImportHistoryImport browsing history from default browser on first run
ImportHomepageImport of homepage from default browser on first run
ImportSavedPasswordsImport saved passwords from default browser on first run
ImportSearchEngineImport search engines from default browser on first run
IncognitoEnabledEnable Incognito mode
IncognitoModeAvailabilityIncognito mode availability
InstantEnabledEnable Instant
JavascriptEnabledEnable JavaScript
MaxConnectionsPerProxyMaximal number of concurrent connections to the proxy server
MediaCacheSizeSet media disk cache size in bytes
MetricsReportingEnabledEnable reporting of usage and crash-related data
OpenNetworkConfigurationUser-level network configuration
PinnedLauncherAppsList of pinned apps to show in the launcher
PolicyRefreshRateRefresh rate for user policy
PrintingEnabledEnable printing
ReportDeviceActivityTimesReport device activity times
ReportDeviceBootModeReport device boot mode
ReportDeviceVersionInfoReport OS and firmware version
RestrictSigninToPatternRestrict which users are allowed to sign in to Google Chrome
SafeBrowsingEnabledEnable Safe Browsing
SavingBrowserHistoryDisabledDisable saving browser history
SearchSuggestEnabledEnable search suggestions
SessionLengthLimitLimit the session length
ShelfAutoHideBehaviorControl shelf auto-hiding
ShowHomeButtonShow Home button on toolbar
ShowLogoutButtonInTrayAdd a logout button to the system tray
SpellCheckServiceEnabledEnable or disable spell checking web service
SyncDisabledDisable synchronization of data with Google
SystemTimezoneTimezone
TermsOfServiceURLSet the Terms of Service for a device-local account
TranslateEnabledEnable Translate
URLBlacklistBlock access to a list of URLs
URLWhitelistAllows access to a list of URLs
UserDataDirSet user data directory
UserDisplayNameSet the display name for device-local accounts
VideoCaptureAllowedAllow or deny video capture

ChromeFrameContentTypes

Allow Google Chrome Frame to handle the listed content types
Data type:
List of strings
Windows registry location:
Software\Policies\Google\Chrome\ChromeFrameContentTypes
Mac/Linux preference name:
ChromeFrameContentTypes
Supported on:
  • Google Chrome Frame (Windows) since version 8
Supported features:
Dynamic Policy Refresh: No
Description:
Allow Google Chrome Frame to handle the listed content types. If this policy is not set the default renderer will be used for all sites as specified by the 'ChromeFrameRendererSettings' policy.
Example value:
Windows:
Software\Policies\Google\Chrome\ChromeFrameContentTypes\1 = "text/xml" Software\Policies\Google\Chrome\ChromeFrameContentTypes\2 = "application/xml"
Linux:
["text/xml", "application/xml"]
Mac:
<array> <string>text/xml</string> <string>application/xml</string> </array>
Back to top

RemoteAccessClientFirewallTraversal (deprecated)

Enable firewall traversal from remote access client
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\RemoteAccessClientFirewallTraversal
Mac/Linux preference name:
RemoteAccessClientFirewallTraversal
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 14
  • Google Chrome OS (Google Chrome OS) since version 0.14
Supported features:
Dynamic Policy Refresh: Yes
Description:
This policy is no longer supported. Enables usage of STUN and relay servers when connecting to a remote client. If this setting is enabled, then this machine can discover and connect to remote host machines even if they are separated by a firewall. If this setting is disabled and outgoing UDP connections are filtered by the firewall, then this machine can only connect to host machines within the local network.
Example value:
0x00000000 (Windows), false (Linux), <false /> (Mac)
Back to top

RemoteAccessHostFirewallTraversal

Enable firewall traversal from remote access host
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\RemoteAccessHostFirewallTraversal
Mac/Linux preference name:
RemoteAccessHostFirewallTraversal
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 14
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: No
Description:
Enables usage of STUN and relay servers when remote clients are trying to establish a connection to this machine. If this setting is enabled, then remote clients can discover and connect to this machines even if they are separated by a firewall. If this setting is disabled and outgoing UDP connections are filtered by the firewall, then this machine will only allow connections from client machines within the local network. If this policy is left not set the setting will be enabled.
Example value:
0x00000000 (Windows), false (Linux), <false /> (Mac)
Back to top

RemoteAccessHostRequireTwoFactor

Enable two-factor authentication for remote access hosts
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\RemoteAccessHostRequireTwoFactor
Mac/Linux preference name:
RemoteAccessHostRequireTwoFactor
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 22
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: No
Description:
Enables two-factor authentication for remote access hosts instead of a user-specified PIN. If this setting is enabled, then users must provide a valid two-factor code when accessing a host. If this setting is disabled or not set, then two-factor will not be enabled and the default behavior of having a user-defined PIN will be used.
Example value:
0x00000000 (Windows), false (Linux), <false /> (Mac)
Back to top

RemoteAccessHostTalkGadgetPrefix

Configure the TalkGadget prefix for remote access hosts
Data type:
String (REG_SZ)
Windows registry location:
Software\Policies\Google\Chrome\RemoteAccessHostTalkGadgetPrefix
Mac/Linux preference name:
RemoteAccessHostTalkGadgetPrefix
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 22
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: No
Description:
Configures the TalkGadget prefix that will be used by remote access hosts and prevents users from changing it. If specified, this prefix is prepended to the base TalkGadget name to create a full domain name for the TalkGadget. The base TalkGadget domain name is '.talkgadget.google.com'. If this setting is enabled, then hosts will use the custom domain name when accessing the TalkGadget instead of the default domain name. If this setting is disabled or not set, then the default TalkGadget domain name ('chromoting-host.talkgadget.google.com') will be used for all hosts. Remote access clients are not affected by this policy setting. They will always use 'chromoting-client.talkgadget.google.com' to access the TalkGadget.
Example value:
"chromoting-host"
Back to top

DefaultCookiesSetting

Default cookies setting
Data type:
Integer (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\DefaultCookiesSetting
Mac/Linux preference name:
DefaultCookiesSetting
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 10
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Allows you to set whether websites are allowed to set local data. Setting local data can be either allowed for all websites or denied for all websites. If this policy is left not set, 'AllowCookies' will be used and the user will be able to change it.
  • 1 = Allow all sites to set local data
  • 2 = Do not allow any site to set local data
  • 4 = Keep cookies for the duration of the session
Example value:
0x00000001 (Windows), 1 (Linux/Mac)
Back to top

DefaultPluginsSetting

Default plugins setting
Data type:
Integer (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\DefaultPluginsSetting
Mac/Linux preference name:
DefaultPluginsSetting
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 10
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Allows you to set whether websites are allowed to automatically run plugins. Automatically running plugins can be either allowed for all websites or denied for all websites. Click to play allows plugins to run but the user must click them to start their execution. If this policy is left not set, 'AllowPlugins' will be used and the user will be able to change it.
  • 1 = Allow all sites to automatically run plugins
  • 2 = Block all plugins
  • 3 = Click to play
Example value:
0x00000001 (Windows), 1 (Linux/Mac)
Back to top

DefaultNotificationsSetting

Default notification setting
Data type:
Integer (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\DefaultNotificationsSetting
Mac/Linux preference name:
DefaultNotificationsSetting
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 10
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Allows you to set whether websites are allowed to display desktop notifications. Displaying desktop notifications can be allowed by default, denied by default or the user can be asked every time a website wants to show desktop notifications. If this policy is left not set, 'AskNotifications' will be used and the user will be able to change it.
  • 1 = Allow sites to show desktop notifications
  • 2 = Do not allow any site to show desktop notifications
  • 3 = Ask every time a site wants to show desktop notifications
Example value:
0x00000002 (Windows), 2 (Linux/Mac)
Back to top

DefaultGeolocationSetting

Default geolocation setting
Data type:
Integer (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\DefaultGeolocationSetting
Mac/Linux preference name:
DefaultGeolocationSetting
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 10
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Allows you to set whether websites are allowed to track the users' physical location. Tracking the users' physical location can be allowed by default, denied by default or the user can be asked every time a website requests the physical location. If this policy is left not set, 'AskGeolocation' will be used and the user will be able to change it.
  • 1 = Allow sites to track the users' physical location
  • 2 = Do not allow any site to track the users' physical location
  • 3 = Ask whenever a site wants to track the users' physical location
Example value:
0x00000000 (Windows), 0 (Linux/Mac)
Back to top

DefaultMediaStreamSetting (deprecated)

Default mediastream setting
Data type:
Integer (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\DefaultMediaStreamSetting
Mac/Linux preference name:
DefaultMediaStreamSetting
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 22
  • Google Chrome OS (Google Chrome OS) since version 0.22
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Allows you to set whether websites are allowed to get access to media capture devices. Access to media capture devices can be allowed by default, or the user can be asked every time a website wants to get access to media capture devices. If this policy is left not set, 'PromptOnAccess' will be used and the user will be able to change it.
  • 2 = Do not allow any site to access the camera and microphone
  • 3 = Ask every time a site wants to access the camera and/or microphone
Example value:
0x00000002 (Windows), 2 (Linux/Mac)
Back to top

AutoSelectCertificateForUrls

Automatically select client certificates for these sites
Data type:
List of strings
Windows registry location:
Software\Policies\Google\Chrome\AutoSelectCertificateForUrls
Mac/Linux preference name:
AutoSelectCertificateForUrls
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 15
  • Google Chrome OS (Google Chrome OS) since version 0.15
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Allows you to specify a list of url patterns that specify sites for which Google Chrome should automatically select a client certificates, if the site requests a certificate. If this policy is left not set no auto-selection will be done for any site.
Example value:
Windows:
Software\Policies\Google\Chrome\AutoSelectCertificateForUrls\1 = "{\"pattern\":\"https://www.example.com\",\"filter\":{\"ISSUER\":{\"CN\":\"certificate issuer name\"}}}"
Linux:
["{\"pattern\":\"https://www.example.com\",\"filter\":{\"ISSUER\":{\"CN\":\"certificate issuer name\"}}}"]
Mac:
<array> <string>{\"pattern\":\"https://www.example.com\",\"filter\":{\"ISSUER\":{\"CN\":\"certificate issuer name\"}}}</string> </array>
Back to top

CookiesAllowedForUrls

Allow cookies on these sites
Data type:
List of strings
Windows registry location:
Software\Policies\Google\Chrome\CookiesAllowedForUrls
Mac/Linux preference name:
CookiesAllowedForUrls
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 11
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Allows you to set a list of url patterns that specify sites which are allowed to set cookies. If this policy is left not set the global default value will be used for all sites either from the 'DefaultCookiesSetting' policy if it is set, or the user's personal configuration otherwise.
Example value:
Windows:
Software\Policies\Google\Chrome\CookiesAllowedForUrls\1 = "http://www.example.com" Software\Policies\Google\Chrome\CookiesAllowedForUrls\2 = "[*.]example.edu"
Linux:
["http://www.example.com", "[*.]example.edu"]
Mac:
<array> <string>http://www.example.com</string> <string>[*.]example.edu</string> </array>
Back to top

CookiesBlockedForUrls

Block cookies on these sites
Data type:
List of strings
Windows registry location:
Software\Policies\Google\Chrome\CookiesBlockedForUrls
Mac/Linux preference name:
CookiesBlockedForUrls
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 11
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Allows you to set a list of url patterns that specify sites which are not allowed to set cookies. If this policy is left not set the global default value will be used for all sites either from the 'DefaultCookiesSetting' policy if it is set, or the user's personal configuration otherwise.
Example value:
Windows:
Software\Policies\Google\Chrome\CookiesBlockedForUrls\1 = "http://www.example.com" Software\Policies\Google\Chrome\CookiesBlockedForUrls\2 = "[*.]example.edu"
Linux:
["http://www.example.com", "[*.]example.edu"]
Mac:
<array> <string>http://www.example.com</string> <string>[*.]example.edu</string> </array>
Back to top

CookiesSessionOnlyForUrls

Allow session only cookies on these sites
Data type:
List of strings
Windows registry location:
Software\Policies\Google\Chrome\CookiesSessionOnlyForUrls
Mac/Linux preference name:
CookiesSessionOnlyForUrls
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 11
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Allows you to set a list of url patterns that specify sites which are allowed to set session only cookies. If this policy is left not set the global default value will be used for all sites either from the 'DefaultCookiesSetting' policy if it is set, or the user's personal configuration otherwise. If the "RestoreOnStartup" policy is set to restore URLs from previous sessions this policy will not be respectred and cookies will be stored permanently for those sites.
Example value:
Windows:
Software\Policies\Google\Chrome\CookiesSessionOnlyForUrls\1 = "http://www.example.com" Software\Policies\Google\Chrome\CookiesSessionOnlyForUrls\2 = "[*.]example.edu"
Linux:
["http://www.example.com", "[*.]example.edu"]
Mac:
<array> <string>http://www.example.com</string> <string>[*.]example.edu</string> </array>
Back to top

ImagesAllowedForUrls

Allow images on these sites
Data type:
List of strings
Windows registry location:
Software\Policies\Google\Chrome\ImagesAllowedForUrls
Mac/Linux preference name:
ImagesAllowedForUrls
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 11
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Allows you to set a list of url patterns that specify sites which are allowed to display images. If this policy is left not set the global default value will be used for all sites either from the 'DefaultImagesSetting' policy if it is set, or the user's personal configuration otherwise.
Example value:
Windows:
Software\Policies\Google\Chrome\ImagesAllowedForUrls\1 = "http://www.example.com" Software\Policies\Google\Chrome\ImagesAllowedForUrls\2 = "[*.]example.edu"
Linux:
["http://www.example.com", "[*.]example.edu"]
Mac:
<array> <string>http://www.example.com</string> <string>[*.]example.edu</string> </array>
Back to top

ImagesBlockedForUrls

Block images on these sites
Data type:
List of strings
Windows registry location:
Software\Policies\Google\Chrome\ImagesBlockedForUrls
Mac/Linux preference name:
ImagesBlockedForUrls
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 11
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Allows you to set a list of url patterns that specify sites which are not allowed to display images. If this policy is left not set the global default value will be used for all sites either from the 'DefaultImagesSetting' policy if it is set, or the user's personal configuration otherwise.
Example value:
Windows:
Software\Policies\Google\Chrome\ImagesBlockedForUrls\1 = "http://www.example.com" Software\Policies\Google\Chrome\ImagesBlockedForUrls\2 = "[*.]example.edu"
Linux:
["http://www.example.com", "[*.]example.edu"]
Mac:
<array> <string>http://www.example.com</string> <string>[*.]example.edu</string> </array>
Back to top

JavaScriptAllowedForUrls

Allow JavaScript on these sites
Data type:
List of strings
Windows registry location:
Software\Policies\Google\Chrome\JavaScriptAllowedForUrls
Mac/Linux preference name:
JavaScriptAllowedForUrls
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 11
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Allows you to set a list of url patterns that specify sites which are allowed to run JavaScript. If this policy is left not set the global default value will be used for all sites either from the 'DefaultJavaScriptSetting' policy if it is set, or the user's personal configuration otherwise.
Example value:
Windows:
Software\Policies\Google\Chrome\JavaScriptAllowedForUrls\1 = "http://www.example.com" Software\Policies\Google\Chrome\JavaScriptAllowedForUrls\2 = "[*.]example.edu"
Linux:
["http://www.example.com", "[*.]example.edu"]
Mac:
<array> <string>http://www.example.com</string> <string>[*.]example.edu</string> </array>
Back to top

JavaScriptBlockedForUrls

Block JavaScript on these sites
Data type:
List of strings
Windows registry location:
Software\Policies\Google\Chrome\JavaScriptBlockedForUrls
Mac/Linux preference name:
JavaScriptBlockedForUrls
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 11
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Allows you to set a list of url patterns that specify sites which are not allowed to run JavaScript. If this policy is left not set the global default value will be used for all sites either from the 'DefaultJavaScriptSetting' policy if it is set, or the user's personal configuration otherwise.
Example value:
Windows:
Software\Policies\Google\Chrome\JavaScriptBlockedForUrls\1 = "http://www.example.com" Software\Policies\Google\Chrome\JavaScriptBlockedForUrls\2 = "[*.]example.edu"
Linux:
["http://www.example.com", "[*.]example.edu"]
Mac:
<array> <string>http://www.example.com</string> <string>[*.]example.edu</string> </array>
Back to top

PluginsAllowedForUrls

Allow plugins on these sites
Data type:
List of strings
Windows registry location:
Software\Policies\Google\Chrome\PluginsAllowedForUrls
Mac/Linux preference name:
PluginsAllowedForUrls
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 11
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Allows you to set a list of url patterns that specify sites which are allowed to run plugins. If this policy is left not set the global default value will be used for all sites either from the 'DefaultPluginsSetting' policy if it is set, or the user's personal configuration otherwise.
Example value:
Windows:
Software\Policies\Google\Chrome\PluginsAllowedForUrls\1 = "http://www.example.com" Software\Policies\Google\Chrome\PluginsAllowedForUrls\2 = "[*.]example.edu"
Linux:
["http://www.example.com", "[*.]example.edu"]
Mac:
<array> <string>http://www.example.com</string> <string>[*.]example.edu</string> </array>
Back to top

PluginsBlockedForUrls

Block plugins on these sites
Data type:
List of strings
Windows registry location:
Software\Policies\Google\Chrome\PluginsBlockedForUrls
Mac/Linux preference name:
PluginsBlockedForUrls
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 11
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Allows you to set a list of url patterns that specify sites which are not allowed to run plugins. If this policy is left not set the global default value will be used for all sites either from the 'DefaultPluginsSetting' policy if it is set, or the user's personal configuration otherwise.
Example value:
Windows:
Software\Policies\Google\Chrome\PluginsBlockedForUrls\1 = "http://www.example.com" Software\Policies\Google\Chrome\PluginsBlockedForUrls\2 = "[*.]example.edu"
Linux:
["http://www.example.com", "[*.]example.edu"]
Mac:
<array> <string>http://www.example.com</string> <string>[*.]example.edu</string> </array>
Back to top

PopupsAllowedForUrls

Allow popups on these sites
Data type:
List of strings
Windows registry location:
Software\Policies\Google\Chrome\PopupsAllowedForUrls
Mac/Linux preference name:
PopupsAllowedForUrls
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 11
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Allows you to set a list of url patterns that specify sites which are allowed to open popups. If this policy is left not set the global default value will be used for all sites either from the 'DefaultPopupsSetting' policy if it is set, or the user's personal configuration otherwise.
Example value:
Windows:
Software\Policies\Google\Chrome\PopupsAllowedForUrls\1 = "http://www.example.com" Software\Policies\Google\Chrome\PopupsAllowedForUrls\2 = "[*.]example.edu"
Linux:
["http://www.example.com", "[*.]example.edu"]
Mac:
<array> <string>http://www.example.com</string> <string>[*.]example.edu</string> </array>
Back to top

PopupsBlockedForUrls

Block popups on these sites
Data type:
List of strings
Windows registry location:
Software\Policies\Google\Chrome\PopupsBlockedForUrls
Mac/Linux preference name:
PopupsBlockedForUrls
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 11
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Allows you to set a list of url patterns that specify sites which are not allowed to open popups. If this policy is left not set the global default value will be used for all sites either from the 'DefaultPopupsSetting' policy if it is set, or the user's personal configuration otherwise.
Example value:
Windows:
Software\Policies\Google\Chrome\PopupsBlockedForUrls\1 = "http://www.example.com" Software\Policies\Google\Chrome\PopupsBlockedForUrls\2 = "[*.]example.edu"
Linux:
["http://www.example.com", "[*.]example.edu"]
Mac:
<array> <string>http://www.example.com</string> <string>[*.]example.edu</string> </array>
Back to top

NotificationsAllowedForUrls

Allow notifications on these sites
Data type:
List of strings
Windows registry location:
Software\Policies\Google\Chrome\NotificationsAllowedForUrls
Mac/Linux preference name:
NotificationsAllowedForUrls
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 16
  • Google Chrome OS (Google Chrome OS) since version 0.16
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Allows you to set a list of url patterns that specify sites which are allowed to display notifications. If this policy is left not set the global default value will be used for all sites either from the 'DefaultNotificationsSetting' policy if it is set, or the user's personal configuration otherwise.
Example value:
Windows:
Software\Policies\Google\Chrome\NotificationsAllowedForUrls\1 = "http://www.example.com" Software\Policies\Google\Chrome\NotificationsAllowedForUrls\2 = "[*.]example.edu"
Linux:
["http://www.example.com", "[*.]example.edu"]
Mac:
<array> <string>http://www.example.com</string> <string>[*.]example.edu</string> </array>
Back to top

NotificationsBlockedForUrls

Block notifications on these sites
Data type:
List of strings
Windows registry location:
Software\Policies\Google\Chrome\NotificationsBlockedForUrls
Mac/Linux preference name:
NotificationsBlockedForUrls
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 16
  • Google Chrome OS (Google Chrome OS) since version 0.16
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Allows you to set a list of url patterns that specify sites which are not allowed to display notifications. If this policy is left not set the global default value will be used for all sites either from the 'DefaultNotificationsSetting' policy if it is set, or the user's personal configuration otherwise.
Example value:
Windows:
Software\Policies\Google\Chrome\NotificationsBlockedForUrls\1 = "http://www.example.com" Software\Policies\Google\Chrome\NotificationsBlockedForUrls\2 = "[*.]example.edu"
Linux:
["http://www.example.com", "[*.]example.edu"]
Mac:
<array> <string>http://www.example.com</string> <string>[*.]example.edu</string> </array>
Back to top

RenderInChromeFrameList

Always render the following URL patterns in Google Chrome Frame
Data type:
List of strings
Windows registry location:
Software\Policies\Google\Chrome\RenderInChromeFrameList
Mac/Linux preference name:
RenderInChromeFrameList
Supported on:
  • Google Chrome Frame (Windows) since version 8
Supported features:
Dynamic Policy Refresh: No
Description:
Customize the list of URL patterns that should always be rendered by Google Chrome Frame. If this policy is not set the default renderer will be used for all sites as specified by the 'ChromeFrameRendererSettings' policy. For example patterns see http://www.chromium.org/developers/how-tos/chrome-frame-getting-started.
Example value:
Windows:
Software\Policies\Google\Chrome\RenderInChromeFrameList\1 = "http://www.example.com" Software\Policies\Google\Chrome\RenderInChromeFrameList\2 = "http://www.example.edu"
Linux:
["http://www.example.com", "http://www.example.edu"]
Mac:
<array> <string>http://www.example.com</string> <string>http://www.example.edu</string> </array>
Back to top

RenderInHostList

Always render the following URL patterns in the host browser
Data type:
List of strings
Windows registry location:
Software\Policies\Google\Chrome\RenderInHostList
Mac/Linux preference name:
RenderInHostList
Supported on:
  • Google Chrome Frame (Windows) since version 8
Supported features:
Dynamic Policy Refresh: No
Description:
Customize the list of URL patterns that should always be rendered by the host browser. If this policy is not set the default renderer will be used for all sites as specified by the 'ChromeFrameRendererSettings' policy. For example patterns see http://www.chromium.org/developers/how-tos/chrome-frame-getting-started.
Example value:
Windows:
Software\Policies\Google\Chrome\RenderInHostList\1 = "http://www.example.com" Software\Policies\Google\Chrome\RenderInHostList\2 = "http://www.example.edu"
Linux:
["http://www.example.com", "http://www.example.edu"]
Mac:
<array> <string>http://www.example.com</string> <string>http://www.example.edu</string> </array>
Back to top

DefaultSearchProviderEnabled

Enable the default search provider
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\DefaultSearchProviderEnabled
Mac/Linux preference name:
DefaultSearchProviderEnabled
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 8
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Enables the use of a default search provider. If you enable this setting, a default search is performed when the user types text in the omnibox that is not a URL. You can specify the default search provider to be used by setting the rest of the default search policies. If these are left empty, the user can choose the default provider. If you disable this setting, no search is performed when the user enters non-URL text in the omnibox. If you enable or disable this setting, users cannot change or override this setting in Google Chrome. If this policy is left not set, the default search provider is enabled, and the user will be able to set the search provider list.
Example value:
0x00000001 (Windows), true (Linux), <true /> (Mac)
Back to top

DefaultSearchProviderSearchURL

Default search provider search URL
Data type:
String (REG_SZ)
Windows registry location:
Software\Policies\Google\Chrome\DefaultSearchProviderSearchURL
Mac/Linux preference name:
DefaultSearchProviderSearchURL
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 8
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Specifies the URL of the search engine used when doing a default search. The URL should contain the string '{searchTerms}', which will be replaced at query time by the terms the user is searching for. This option must be set when the 'DefaultSearchProviderEnabled' policy is enabled and will only be respected if this is the case.
Example value:
"http://search.my.company/search?q={searchTerms}"
Back to top

DefaultSearchProviderSuggestURL

Default search provider suggest URL
Data type:
String (REG_SZ)
Windows registry location:
Software\Policies\Google\Chrome\DefaultSearchProviderSuggestURL
Mac/Linux preference name:
DefaultSearchProviderSuggestURL
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 8
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Specifies the URL of the search engine used to provide search suggestions. The URL should contain the string '{searchTerms}', which will be replaced at query time by the text the user has entered so far. This policy is optional. If not set, no suggest URL will be used. This policy is only respected if the 'DefaultSearchProviderEnabled' policy is enabled.
Example value:
"http://search.my.company/suggest?q={searchTerms}"
Back to top

DefaultSearchProviderInstantURL

Default search provider instant URL
Data type:
String (REG_SZ)
Windows registry location:
Software\Policies\Google\Chrome\DefaultSearchProviderInstantURL
Mac/Linux preference name:
DefaultSearchProviderInstantURL
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 10
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Specifies the URL of the search engine used to provide instant results. The URL should contain the string '{searchTerms}', which will be replaced at query time by the text the user has entered so far. This policy is optional. If not set, no instant search results will be provided. This policy is only respected if the 'DefaultSearchProviderEnabled' policy is enabled.
Example value:
"http://search.my.company/suggest?q={searchTerms}"
Back to top

DefaultSearchProviderEncodings

Default search provider encodings
Data type:
List of strings
Windows registry location:
Software\Policies\Google\Chrome\DefaultSearchProviderEncodings
Mac/Linux preference name:
DefaultSearchProviderEncodings
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 8
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Specifies the character encodings supported by the search provider. Encodings are code page names like UTF-8, GB2312, and ISO-8859-1. They are tried in the order provided. This policy is optional. If not set, the default will be used which is UTF-8. This policy is only respected if the 'DefaultSearchProviderEnabled' policy is enabled.
Example value:
Windows:
Software\Policies\Google\Chrome\DefaultSearchProviderEncodings\1 = "UTF-8" Software\Policies\Google\Chrome\DefaultSearchProviderEncodings\2 = "UTF-16" Software\Policies\Google\Chrome\DefaultSearchProviderEncodings\3 = "GB2312" Software\Policies\Google\Chrome\DefaultSearchProviderEncodings\4 = "ISO-8859-1"
Linux:
["UTF-8", "UTF-16", "GB2312", "ISO-8859-1"]
Mac:
<array> <string>UTF-8</string> <string>UTF-16</string> <string>GB2312</string> <string>ISO-8859-1</string> </array>
Back to top

DefaultSearchProviderAlternateURLs

List of alternate URLs for the default search provider
Data type:
List of strings
Windows registry location:
Software\Policies\Google\Chrome\DefaultSearchProviderAlternateURLs
Mac/Linux preference name:
DefaultSearchProviderAlternateURLs
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 24
  • Google Chrome OS (Google Chrome OS) since version 0.24
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Specifies a list of alternate URLs that can be used to extract search terms from the search engine. The URLs should contain the string '{searchTerms}', which will be used to extract the search terms. This policy is optional. If not set, no alternate urls will be used to extract search terms. This policy is only respected if the 'DefaultSearchProviderEnabled' policy is enabled.
Example value:
Windows:
Software\Policies\Google\Chrome\DefaultSearchProviderAlternateURLs\1 = "http://search.my.company/suggest#q={searchTerms}" Software\Policies\Google\Chrome\DefaultSearchProviderAlternateURLs\2 = "http://search.my.company/suggest/search#q={searchTerms}"
Linux:
["http://search.my.company/suggest#q={searchTerms}", "http://search.my.company/suggest/search#q={searchTerms}"]
Mac:
<array> <string>http://search.my.company/suggest#q={searchTerms}</string> <string>http://search.my.company/suggest/search#q={searchTerms}</string> </array>
Back to top

DefaultSearchProviderSearchTermsReplacementKey

Parameter controlling search term placement for the default search provider
Data type:
String (REG_SZ)
Windows registry location:
Software\Policies\Google\Chrome\DefaultSearchProviderSearchTermsReplacementKey
Mac/Linux preference name:
DefaultSearchProviderSearchTermsReplacementKey
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 25
  • Google Chrome OS (Google Chrome OS) since version 0.25
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
If this policy is set and a search URL suggested from the omnibox contains this parameter in the query string or in the fragment identifier, then the suggestion will show the search terms and search provider instead of the raw search URL. This policy is optional. If not set, no search term replacement will be performed. This policy is only respected if the 'DefaultSearchProviderEnabled' policy is enabled.
Example value:
"espv"
Back to top

ExtensionInstallBlacklist

Configure extension installation blacklist
Data type:
List of strings
Windows registry location:
Software\Policies\Google\Chrome\ExtensionInstallBlacklist
Mac/Linux preference name:
ExtensionInstallBlacklist
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 8
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Allows you to specify which extensions the users can NOT install. Extensions already installed will be removed if blacklisted. A blacklist value of '*' means all extensions are blacklisted unless they are explicitly listed in the whitelist. If this policy is left not set the user can install any extension in Google Chrome.
Example value:
Windows:
Software\Policies\Google\Chrome\ExtensionInstallBlacklist\1 = "extension_id1" Software\Policies\Google\Chrome\ExtensionInstallBlacklist\2 = "extension_id2"
Linux:
["extension_id1", "extension_id2"]
Mac:
<array> <string>extension_id1</string> <string>extension_id2</string> </array>
Back to top

ExtensionInstallWhitelist

Configure extension installation whitelist
Data type:
List of strings
Windows registry location:
Software\Policies\Google\Chrome\ExtensionInstallWhitelist
Mac/Linux preference name:
ExtensionInstallWhitelist
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 8
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Allows you to specify which extensions are not subject to the blacklist. A blacklist value of * means all extensions are blacklisted and users can only install extensions listed in the whitelist. By default, all extensions are whitelisted, but if all extensions have been blacklisted by policy, the whitelist can be used to override that policy.
Example value:
Windows:
Software\Policies\Google\Chrome\ExtensionInstallWhitelist\1 = "extension_id1" Software\Policies\Google\Chrome\ExtensionInstallWhitelist\2 = "extension_id2"
Linux:
["extension_id1", "extension_id2"]
Mac:
<array> <string>extension_id1</string> <string>extension_id2</string> </array>
Back to top

ExtensionInstallForcelist

Configure the list of force-installed extensions
Data type:
List of strings
Windows registry location:
Software\Policies\Google\Chrome\ExtensionInstallForcelist
Mac/Linux preference name:
ExtensionInstallForcelist
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 9
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Allows you to specify a list of extensions that will be installed silently, without user interaction. Each item of the list is a string that contains an extension ID and an update URL delimited by a semicolon (;). The extension ID is the 32-letter string found e.g. on chrome://extensions when in developer mode. The update URL should point to an Update Manifest XML document as described athttp://code.google.com/chrome/extensions/autoupdate.html. Note that the update URL set in this policy is only used for the initial installation; subsequent updates of the extension will use the update URL indicated in the extension's manifest. For each item, Google Chrome will retrieve the extension specified by the extension ID from the update service at the specified update URL and silently install it. For example, lcncmkcnkcdbbanbjakcencbaoegdjlp;https://clients2.google.com/service/update2/crx installs the Google SSL Web Search extension from the standard Chrome Web Store update URL. For more information about hosting extensions, see: http://code.google.com/chrome/extensions/hosting.html. Users will be unable to uninstall extensions that are specified by this policy. If you remove an extension from this list, then it will be automatically uninstalled by Google Chrome. Extensions specified in this list are also automatically whitelisted for installation; the ExtensionsInstallBlacklist does not affect them. If this policy is left not set the user can uninstall any extension in Google Chrome.
Example value:
Windows:
Software\Policies\Google\Chrome\ExtensionInstallForcelist\1 = "lcncmkcnkcdbbanbjakcencbaoegdjlp;https://clients2.google.com/service/update2/crx"
Linux:
["lcncmkcnkcdbbanbjakcencbaoegdjlp;https://clients2.google.com/service/update2/crx"]
Mac:
<array> <string>lcncmkcnkcdbbanbjakcencbaoegdjlp;https://clients2.google.com/service/update2/crx</string> </array>
Back to top

ExtensionInstallSources

Configure extension, app, and user script install sources
Data type:
List of strings
Windows registry location:
Software\Policies\Google\Chrome\ExtensionInstallSources
Mac/Linux preference name:
ExtensionInstallSources
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 21
  • Google Chrome OS (Google Chrome OS) since version 21
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Allows you to specify which URLs are allowed to install extensions, apps, and themes. Starting in Chrome 21, it is more difficult to install extensions, apps, and user scripts from outside the Chrome Web Store. Previously, users could click on a link to a *.crx file, and Chrome would offer to install the file after a few warnings. After Chrome 21, such files must be downloaded and dragged onto the Chrome settings page. This setting allows specific URLs to have the old, easier installation flow. Each item in this list is an extension-style match pattern (see http://code.google.com/chrome/extensions/match_patterns.html). Users will be able to easily install items from any URL that matches an item in this list. Both the location of the *.crx file and the page where the download is started from (i.e. the referrer) must be allowed by these patterns. ExtensionInstallBlacklist takes precedence over this policy. That is, an extension on the blacklist won't be installed, even if it happens from a site on this list.
Example value:
Windows:
Software\Policies\Google\Chrome\ExtensionInstallSources\1 = "https://corp.mycompany.com/*"
Linux:
["https://corp.mycompany.com/*"]
Mac:
<array> <string>https://corp.mycompany.com/*</string> </array>
Back to top

ExtensionAllowedTypes

Configure allowed app/extension types
Data type:
List of strings
Windows registry location:
Software\Policies\Google\Chrome\ExtensionAllowedTypes
Mac/Linux preference name:
ExtensionAllowedTypes
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 25
  • Google Chrome OS (Google Chrome OS) since version 25
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Controls which app/extension types are allowed to be installed. This setting white-lists the allowed types of extension/apps that can be installed in Google Chrome. The value is a list of strings, each of which should be one of the following: "extension", "theme", "user_script", "hosted_app", "legacy_packaged_app", "platform_app". See the Chrome extensions documentation for more information on these types. Note that this policy also affects extensions and apps to be force-installed via ExtensionInstallForcelist. If this setting is configured, extensions/apps which have a type that is not on the list will not be installed. If this settings is left not-configured, no restrictions on the acceptable extension/app types are enforced.
Example value:
Windows:
Software\Policies\Google\Chrome\ExtensionAllowedTypes\1 = "hosted_app"
Linux:
["hosted_app"]
Mac:
<array> <string>hosted_app</string> </array>
Back to top

HomepageLocation

Configure the home page URL
Data type:
String (REG_SZ)
Windows registry location:
Software\Policies\Google\Chrome\HomepageLocation
Mac/Linux preference name:
HomepageLocation
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 8
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Can Be Recommended: Yes, Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Configures the default home page URL in Google Chrome and prevents users from changing it. The home page is the page opened by the Home button. The pages that open on startup are controlled by the RestoreOnStartup policies. The home page type can either be set to a URL you specify here or set to the New Tab Page. If you select the New Tab Page, then this policy does not take effect. If you enable this setting, users cannot change their home page URL in Google Chrome, but they can still can choose the New Tab Page as their home page. Leaving this policy not set will allow the user to choose his home page on his own if HomepageIsNewTabPage is not set too.
Example value:
"http://chromium.org"
Back to top

HomepageIsNewTabPage

Use New Tab Page as homepage
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\HomepageIsNewTabPage
Mac/Linux preference name:
HomepageIsNewTabPage
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 8
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Can Be Recommended: Yes, Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Configures the type of the default home page in Google Chrome and prevents users from changing home page preferences. The home page can either be set to a URL you specify or set to the New Tab Page. If you enable this setting, the New Tab Page is always used for the home page, and the home page URL location is ignored. If you disable this setting, the user's homepage will never be the New Tab Page, unless its URL is set to 'chrome://newtab'. If you enable or disable this setting, users cannot change their homepage type in Google Chrome. Leaving this policy not set will allow the user to choose whether the new tab page is his home page on his own.
Example value:
0x00000001 (Windows), true (Linux), <true /> (Mac)
Back to top

PasswordManagerEnabled

Enable the password manager
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\PasswordManagerEnabled
Mac/Linux preference name:
PasswordManagerEnabled
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 8
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Can Be Recommended: Yes, Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Enables saving passwords and using saved passwords in Google Chrome. If you enable this setting, users can have Google Chrome memorize passwords and provide them automatically the next time they log in to a site. If you disable this setting, users are not able to save passwords or use already saved passwords. If you enable or disable this setting, users cannot change or override this setting in Google Chrome. If this policy is left not set, this will be enabled but the user will be able to change it.
Example value:
0x00000001 (Windows), true (Linux), <true /> (Mac)
Back to top

PasswordManagerAllowShowPasswords

Allow users to show passwords in Password Manager
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\PasswordManagerAllowShowPasswords
Mac/Linux preference name:
PasswordManagerAllowShowPasswords
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 8
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Controls whether the user may show passwords in clear text in the password manager. If you disable this setting, the password manager does not allow showing stored passwords in clear text in the password manager window. If you enable or do not set this policy, users can view their passwords in clear text in the password manager.
Example value:
0x00000000 (Windows), false (Linux), <false /> (Mac)
Back to top

DisableAuthNegotiateCnameLookup

Disable CNAME lookup when negotiating Kerberos authentication
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\DisableAuthNegotiateCnameLookup
Mac/Linux preference name:
DisableAuthNegotiateCnameLookup
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 9
Supported features:
Dynamic Policy Refresh: No, Per Profile: No
Description:
Specifies whether the generated Kerberos SPN is based on the canonical DNS name or the original name entered. If you enable this setting, CNAME lookup will be skipped and the server name will be used as entered. If you disable this setting or leave it not set, the canonical name of the server will be determined via CNAME lookup.
Example value:
0x00000000 (Windows), false (Linux), <false /> (Mac)
Back to top

ScreenDimDelayAC

Screen dim delay when running on AC power
Data type:
Integer (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\ScreenDimDelayAC
Mac/Linux preference name:
ScreenDimDelayAC
Supported on:
  • Google Chrome OS (Google Chrome OS) since version 26
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: No
Description:
Specifies the length of time without user input after which the screen is dimmed when running on AC power. When this policy is set to a value greater than zero, it specifies the length of time that the user must remain idle before Google Chrome OS dims the screen. When this policy is set to zero, Google Chrome OS does not dim the screen when the user becomes idle. When this policy is unset, a default length of time is used. The policy value should be specified in milliseconds. Values are clamped to be less than or equal the screen off delay (if set) and the idle delay.
Example value:
0x000668a0 (Windows), 420000 (Linux/Mac)
Back to top

ScreenOffDelayAC

Screen off delay when running on AC power
Data type:
Integer (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\ScreenOffDelayAC
Mac/Linux preference name:
ScreenOffDelayAC
Supported on:
  • Google Chrome OS (Google Chrome OS) since version 26
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: No
Description:
Specifies the length of time without user input after which the screen is turned off when running on AC power. When this policy is set to a value greater than zero, it specifies the length of time that the user must remain idle before Google Chrome OS turns off the screen. When this policy is set to zero, Google Chrome OS does not turn off the screen when the user becomes idle. When this policy is unset, a default length of time is used. The policy value should be specified in milliseconds. Values are clamped to be less than or equal the idle delay.
Example value:
0x00075300 (Windows), 480000 (Linux/Mac)
Back to top

ScreenLockDelayAC

Screen lock delay when running on AC power
Data type:
Integer (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\ScreenLockDelayAC
Mac/Linux preference name:
ScreenLockDelayAC
Supported on:
  • Google Chrome OS (Google Chrome OS) since version 26
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: No
Description:
Specifies the length of time without user input after which the screen is locked when running on AC power. When this policy is set to a value greater than zero, it specifies the length of time that the user must remain idle before Google Chrome OS locks the screen. When this policy is set to zero, Google Chrome OS does not lock the screen when the user becomes idle. When this policy is unset, a default length of time is used. The recommended way to lock the screen on idle is to enable screen locking on suspend and have Google Chrome OS suspend after the idle delay. This policy should only be used when screen locking should occur a significant amount of time sooner than suspend or when suspend on idle is not desired at all. The policy value should be specified in milliseconds. Values are clamped to be less than the idle delay.
Example value:
0x000927c0 (Windows), 600000 (Linux/Mac)
Back to top

ScreenDimDelayBattery

Screen dim delay when running on battery power
Data type:
Integer (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\ScreenDimDelayBattery
Mac/Linux preference name:
ScreenDimDelayBattery
Supported on:
  • Google Chrome OS (Google Chrome OS) since version 26
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: No
Description:
Specifies the length of time without user input after which the screen is dimmed when running on battery power. When this policy is set to a value greater than zero, it specifies the length of time that the user must remain idle before Google Chrome OS dims the screen. When this policy is set to zero, Google Chrome OS does not dim the screen when the user becomes idle. When this policy is unset, a default length of time is used. The policy value should be specified in milliseconds. Values are clamped to be less than or equal the screen off delay (if set) and the idle delay.
Example value:
0x000493e0 (Windows), 300000 (Linux/Mac)
Back to top

ScreenOffDelayBattery

Screen off delay when running on battery power
Data type:
Integer (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\ScreenOffDelayBattery
Mac/Linux preference name:
ScreenOffDelayBattery
Supported on:
  • Google Chrome OS (Google Chrome OS) since version 26
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: No
Description:
Specifies the length of time without user input after which the screen is turned off when running on battery power. When this policy is set to a value greater than zero, it specifies the length of time that the user must remain idle before Google Chrome OS turns off the screen. When this policy is set to zero, Google Chrome OS does not turn off the screen when the user becomes idle. When this policy is unset, a default length of time is used. The policy value should be specified in milliseconds. Values are clamped to be less than or equal the idle delay.
Example value:
0x00057e40 (Windows), 360000 (Linux/Mac)
Back to top

ScreenLockDelayBattery

Screen lock delay when running on battery power
Data type:
Integer (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\ScreenLockDelayBattery
Mac/Linux preference name:
ScreenLockDelayBattery
Supported on:
  • Google Chrome OS (Google Chrome OS) since version 26
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: No
Description:
Specifies the length of time without user input after which the screen is locked when running on battery power. When this policy is set to a value greater than zero, it specifies the length of time that the user must remain idle before Google Chrome OS locks the screen. When this policy is set to zero, Google Chrome OS does not lock the screen when the user becomes idle. When this policy is unset, a default length of time is used. The recommended way to lock the screen on idle is to enable screen locking on suspend and have Google Chrome OS suspend after the idle delay. This policy should only be used when screen locking should occur a significant amount of time sooner than suspend or when suspend on idle is not desired at all. The policy value should be specified in milliseconds. Values are clamped to be less than the idle delay.
Example value:
0x000927c0 (Windows), 600000 (Linux/Mac)
Back to top

IdleDelayBattery

Idle delay when running on battery power
Data type:
Integer (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\IdleDelayBattery
Mac/Linux preference name:
IdleDelayBattery
Supported on:
  • Google Chrome OS (Google Chrome OS) since version 26
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: No
Description:
Specifies the length of time without user input after which the idle action is taken when running on battery power. When this policy is set, it specifies the length of time that the user must remain idle before Google Chrome OS takes the idle action, which can be configured separately. When this policy is unset, a default length of time is used. The policy value should be specified in milliseconds.
Example value:
0x000927c0 (Windows), 600000 (Linux/Mac)
Back to top

IdleAction

Action to take when the idle delay is reached
Data type:
Integer (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\IdleAction
Mac/Linux preference name:
IdleAction
Supported on:
  • Google Chrome OS (Google Chrome OS) since version 26
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: No
Description:
Specify the action to take when the idle delay is reached. When this policy is set, it specifies the action that Google Chrome OS takes when the user remains idle for the length of time given by the idle delay, which can be configured separately. When this policy is unset, the default action is taken, which is suspend. If the action is suspend, Google Chrome OS can separately be configured to either lock or not lock the screen before suspending.
  • 0 = Suspend
  • 1 = Log out the user
  • 2 = Shut down
  • 3 = Do nothing
Example value:
0x00000000 (Windows), 0 (Linux/Mac)
Back to top

LidCloseAction

Action to take when the user closes the lid
Data type:
Integer (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\LidCloseAction
Mac/Linux preference name:
LidCloseAction
Supported on:
  • Google Chrome OS (Google Chrome OS) since version 26
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: No
Description:
Specify the action to take when the user closes the lid. When this policy is set, it specifies the action that Google Chrome OS takes when the user closes the device's lid. When this policy is unset, the default action is taken, which is suspend. If the action is suspend, Google Chrome OS can separately be configured to either lock or not lock the screen before suspending.
  • 0 = Suspend
  • 1 = Log out the user
  • 2 = Shut down
  • 3 = Do nothing
Example value:
0x00000000 (Windows), 0 (Linux/Mac)
Back to top

PowerManagementUsesAudioActivity

Specify whether audio activity affects power management
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\PowerManagementUsesAudioActivity
Mac/Linux preference name:
PowerManagementUsesAudioActivity
Supported on:
  • Google Chrome OS (Google Chrome OS) since version 26
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: No
Description:
Specifies whether audio activity affects power management. If this policy is set to True or is unset, the user is not considered to be idle while audio is playing. This prevents the idle timeout from being reached and the idle action from being taken. However, screen dimming, screen off and screen lock will be performed after the configured timeouts, irrespective of audio activity. If this policy is set to False, audio activity does not prevent the user from being considered idle.
Example value:
0x00000001 (Windows), true (Linux), <true /> (Mac)
Back to top

PowerManagementUsesVideoActivity

Specify whether video activity affects power management
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\PowerManagementUsesVideoActivity
Mac/Linux preference name:
PowerManagementUsesVideoActivity
Supported on:
  • Google Chrome OS (Google Chrome OS) since version 26
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: No
Description:
Specifies whether vidoe activity affects power management. If this policy is set to True or is unset, the user is not considered to be idle while video is playing. This prevents the idle delay, screen dim delay, screen off delay and screen lock delay from being reached and the corresponding actions from being taken. If this policy is set to False, video activity does not prevent the user from being considered idle.
Example value:
0x00000001 (Windows), true (Linux), <true /> (Mac)
Back to top

PresentationIdleDelayScale

Percentage by which to scale the idle delay in presentation mode
Data type:
Integer (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\PresentationIdleDelayScale
Mac/Linux preference name:
PresentationIdleDelayScale
Supported on:
  • Google Chrome OS (Google Chrome OS) since version 26
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: No
Description:
Specifies the percentage by which the idle delay is scaled when the device is in presentation node. If this policy is set, it specifies the percentage by which the idle delay is scaled when the device is in presentation mode. When the idle delay is scaled, the screen dimming, screen off and screen lock delays get adjusted to maintain the same distances from the idle delay as originally configured. If this policy is unset, a default scale factor is used. The scale factor must be 100% or more. Values that would make the idle delay in presentation mode shorter than the regular idle delay are not allowed.
Example value:
0x000000c8 (Windows), 200 (Linux/Mac)
Back to top

ProxyMode

Choose how to specify proxy server settings
Data type:
String (REG_SZ)
Windows registry location:
Software\Policies\Google\Chrome\ProxyMode
Mac/Linux preference name:
ProxyMode
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 10
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Allows you to specify the proxy server used by Google Chrome and prevents users from changing proxy settings. If you choose to never use a proxy server and always connect directly, all other options are ignored. If you choose to use system proxy settings or auto detect the proxy server, all other options are ignored. If you choose fixed server proxy mode, you can specify further options in 'Address or URL of proxy server' and 'Comma-separated list of proxy bypass rules'. If you choose to use a .pac proxy script, you must specify the URL to the script in 'URL to a proxy .pac file'. For detailed examples, visit:http://www.chromium.org/developers/design-documents/network-settings#TOC-Command-line-options-for-proxy-sett If you enable this setting, Google Chrome ignores all proxy-related options specified from the command line. Leaving this policy not set will allow the users to choose the proxy settings on their own.
  • "direct" = Never use a proxy
  • "auto_detect" = Auto detect proxy settings
  • "pac_script" = Use a .pac proxy script
  • "fixed_servers" = Use fixed proxy servers
  • "system" = Use system proxy settings
Example value:
"direct"
Back to top

ProxyServerMode (deprecated)

Choose how to specify proxy server settings
Data type:
Integer (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\ProxyServerMode
Mac/Linux preference name:
ProxyServerMode
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 8
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
This policy is deprecated, use ProxyMode instead. Allows you to specify the proxy server used by Google Chrome and prevents users from changing proxy settings. If you choose to never use a proxy server and always connect directly, all other options are ignored. If you choose to use system proxy settings or auto detect the proxy server, all other options are ignored. If you choose manual proxy settings, you can specify further options in 'Address or URL of proxy server', 'URL to a proxy .pac file' and 'Comma-separated list of proxy bypass rules'. For detailed examples, visit: http://www.chromium.org/developers/design-documents/network-settings#TOC-Command-line-options-for-proxy-sett If you enable this setting, Google Chrome ignores all proxy-related options specified from the command line. Leaving this policy not set will allow the users to choose the proxy settings on their own.
  • 0 = Never use a proxy
  • 1 = Auto detect proxy settings
  • 2 = Manually specify proxy settings
  • 3 = Use system proxy settings
Example value:
0x00000002 (Windows), 2 (Linux/Mac)
Back to top

ProxyServer

Address or URL of proxy server
Data type:
String (REG_SZ)
Windows registry location:
Software\Policies\Google\Chrome\ProxyServer
Mac/Linux preference name:
ProxyServer
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 8
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
You can specify the URL of the proxy server here. This policy only takes effect if you have selected manual proxy settings at 'Choose how to specify proxy server settings'. You should leave this policy not set if you have selected any other mode for setting proxy policies. For more options and detailed examples, visit: http://www.chromium.org/developers/design-documents/network-settings#TOC-Command-line-options-for-proxy-sett
Example value:
"123.123.123.123:8080"
Back to top

ProxyPacUrl

URL to a proxy .pac file
Data type:
String (REG_SZ)
Windows registry location:
Software\Policies\Google\Chrome\ProxyPacUrl
Mac/Linux preference name:
ProxyPacUrl
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 8
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
You can specify a URL to a proxy .pac file here. This policy only takes effect if you have selected manual proxy settings at 'Choose how to specify proxy server settings'. You should leave this policy not set if you have selected any other mode for setting proxy policies. For detailed examples, visit: http://www.chromium.org/developers/design-documents/network-settings#TOC-Command-line-options-for-proxy-sett
Example value:
"http://internal.site/example.pac"
Back to top

ProxyBypassList

Proxy bypass rules
Data type:
String (REG_SZ)
Windows registry location:
Software\Policies\Google\Chrome\ProxyBypassList
Mac/Linux preference name:
ProxyBypassList
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 8
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Google Chrome will bypass any proxy for the list of hosts given here. This policy only takes effect if you have selected manual proxy settings at 'Choose how to specify proxy server settings'. You should leave this policy not set if you have selected any other mode for setting proxy policies. For more detailed examples, visit: http://www.chromium.org/developers/design-documents/network-settings#TOC-Command-line-options-for-proxy-sett
Example value:
"http://www.example1.com,http://www.example2.com,http://internalsite/"
Back to top

RestoreOnStartup

Action on startup
Data type:
Integer (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\RestoreOnStartup
Mac/Linux preference name:
RestoreOnStartup
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 8
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Can Be Recommended: Yes, Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Allows you to specify the behavior on startup. If you choose 'Open New Tab Page' the New Tab Page will always be opened when you start Google Chrome. If you choose 'Restore the last session', the URLs that were open last time Google Chrome was closed will be reopened and the browsing session will be restored as it was left. Choosing this option disables some settings that rely on sessions or that perform actions on exit (such as Clear browsing data on exit or session-only cookies). If you choose 'Open a list of URLs', the list of 'URLs to open on startup' will be opened when a user starts Google Chrome. If you enable this setting, users cannot change or override it in Google Chrome. Disabling this setting is equvalent to leaving it not configured. The user will still be able to change it in Google Chrome.
  • 5 = Open New Tab Page
  • 1 = Restore the last session
  • 4 = Open a list of URLs
Example value:
0x00000004 (Windows), 4 (Linux/Mac)
Back to top

RestoreOnStartupURLs

URLs to open on startup
Data type:
List of strings
Windows registry location:
Software\Policies\Google\Chrome\RestoreOnStartupURLs
Mac/Linux preference name:
RestoreOnStartupURLs
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 8
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Can Be Recommended: Yes, Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
If 'Open a list of URLs' is selected as the startup action, this allows you to specify the list of URLs that are opened. If left not set no URL will be opened on start up. This policy only works if the 'RestoreOnStartup' policy is set to 'RestoreOnStartupIsURLs'.
Example value:
Windows:
Software\Policies\Google\Chrome\RestoreOnStartupURLs\1 = "http://example.com" Software\Policies\Google\Chrome\RestoreOnStartupURLs\2 = "http://chromium.org"
Linux:
["http://example.com", "http://chromium.org"]
Mac:
<array> <string>http://example.com</string> <string>http://chromium.org</string> </array>
Back to top

AllowFileSelectionDialogs

Allow invocation of file selection dialogs
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\AllowFileSelectionDialogs
Mac/Linux preference name:
AllowFileSelectionDialogs
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 12
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: No
Description:
Allows access to local files on the machine by allowing Google Chrome to display file selection dialogs. If you enable this setting, users can open file selection dialogs as normal. If you disable this setting, whenever the user performs an action which would provoke a file selection dialog (like importing bookmarks, uploading files, saving links, etc.) a message is displayed instead and the user is assumed to have clicked Cancel on the file selection dialog. If this setting is not set, users can open file selection dialogs as normal.
Example value:
0x00000001 (Windows), true (Linux), <true /> (Mac)
Back to top

AllowOutdatedPlugins

Allow running plugins that are outdated
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\AllowOutdatedPlugins
Mac/Linux preference name:
AllowOutdatedPlugins
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 12
  • Google Chrome OS (Google Chrome OS) since version 0.12
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Allows Google Chrome to run plugins that are outdated. If you enable this setting, outdated plugins are used as normal plugins. If you disable this setting, outdated plugins will not be used and users will not be asked for permission to run them. If this setting is not set, users will be asked for permission to run outdated plugins.
Example value:
0x00000001 (Windows), true (Linux), <true /> (Mac)
Back to top

AlternateErrorPagesEnabled

Enable alternate error pages
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\AlternateErrorPagesEnabled
Mac/Linux preference name:
AlternateErrorPagesEnabled
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 8
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Can Be Recommended: Yes, Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Enables the use of alternate error pages that are built into Google Chrome (such as 'page not found') and prevents users from changing this setting. If you enable this setting, alternate error pages are used. If you disable this setting, alternate error pages are never used. If you enable or disable this setting, users cannot change or override this setting in Google Chrome. If this policy is left not set, this will be enabled but the user will be able to change it.
Example value:
0x00000001 (Windows), true (Linux), <true /> (Mac)
Back to top

AudioOutputAllowed

Allow playing audio
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\AudioOutputAllowed
Mac/Linux preference name:
AudioOutputAllowed
Supported on:
  • Google Chrome OS (Google Chrome OS) since version 0.23
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: No
Description:
Allow playing audio. When this policy is set to false, audio output will not be available on the device while the user is logged in. This policy affects all types of audio output and not only the built-in speakers. Audio accessability features are also inhibited by this policy. Do not enable this policy if a screen reader is required for the user. If this setting is set to true or not configured then users can use all supported audio outputs on their device.
Example value:
0x00000000 (Windows), false (Linux), <false /> (Mac)
Back to top

AutoFillEnabled

Enable AutoFill
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\AutoFillEnabled
Mac/Linux preference name:
AutoFillEnabled
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 8
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Can Be Recommended: Yes, Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Enables Google Chrome's AutoFill feature and allows users to auto complete web forms using previously stored information such as address or credit card information. If you disable this setting, AutoFill will be inaccessible to users. If you enable this setting or do not set a value, AutoFill will remain under the control of the user. This will allow them to configure AutoFill profiles and to switch AutoFill on or off at their own discretion.
Example value:
0x00000000 (Windows), false (Linux), <false /> (Mac)
Back to top

BackgroundModeEnabled

Continue running background apps when Google Chrome is closed
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\BackgroundModeEnabled
Mac/Linux preference name:
BackgroundModeEnabled
Supported on:
  • Google Chrome (Windows) since version 19
  • Google Chrome (Linux) since version 19
Supported features:
Can Be Recommended: Yes, Dynamic Policy Refresh: Yes, Per Profile: No
Description:
Determines whether a Google Chrome process is started on OS login and keeps running when the last browser window is closed, allowing background apps to remain active. The background process displays an icon in the system tray and can always be closed from there. If this policy is set to True, background mode is enabled and cannot be controlled by the user in the browser settings. If this policy is set to False, background mode is disabled and cannot be controlled by the user in the browser settings. If this policy is left unset, background mode is initially disabled and can be controlled by the user in the browser settings.
Example value:
0x00000001 (Windows), true (Linux), <true /> (Mac)
Back to top

BlockThirdPartyCookies

Block third party cookies
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\BlockThirdPartyCookies
Mac/Linux preference name:
BlockThirdPartyCookies
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 10
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Can Be Recommended: Yes, Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Blocks third party cookies. Enabling this setting prevents cookies from being set by web page elements that are not from the domain that is in the browser's address bar. Disabling this setting allows cookies to be set by web page elements that are not from the domain that is in the browser's address bar and prevents users from changing this setting. If this policy is left not set, third party cookies will be enabled but the user will be able to change that.
Example value:
0x00000000 (Windows), false (Linux), <false /> (Mac)
Back to top

BookmarkBarEnabled

Enable Bookmark Bar
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\BookmarkBarEnabled
Mac/Linux preference name:
BookmarkBarEnabled
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 12
  • Google Chrome OS (Google Chrome OS) since version 0.12
Supported features:
Can Be Recommended: Yes, Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Enables the bookmark bar on Google Chrome. If you enable this setting, Google Chrome will show a bookmark bar. If you disable this setting, users will never see the bookmark bar. If you enable or disable this setting, users cannot change or override it in Google Chrome. If this setting is left not set the user can decide to use this function or not.
Example value:
0x00000001 (Windows), true (Linux), <true /> (Mac)
Back to top

BuiltInDnsClientEnabled

Use built-in DNS client
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\BuiltInDnsClientEnabled
Mac/Linux preference name:
BuiltInDnsClientEnabled
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 25
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: No
Description:
Controls whether the built-in DNS client is used in Google Chrome. If this policy is set to true, the built-in DNS client will be used, if available. If this policy is set to false, the built-in DNS client will never be used. If this policy is left not set, the users will be able to change whether the built-in DNS client is used by editing chrome://flags or specifying a command-line flag.
Example value:
0x00000001 (Windows), true (Linux), <true /> (Mac)
Back to top

ChromeOsLockOnIdleSuspend

Enable lock when the device become idle or suspended
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\ChromeOsLockOnIdleSuspend
Mac/Linux preference name:
ChromeOsLockOnIdleSuspend
Supported on:
  • Google Chrome OS (Google Chrome OS) since version 0.9
Supported features:
Can Be Recommended: Yes, Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Enable lock when Google Chrome OS devices become idle or suspended. If you enable this setting, users will be asked for a password to unlock the device from sleep. If you disable this setting, users will not be asked for a password to unlock the device from sleep. If you enable or disable this setting, users cannot change or override it. If the policy is left not set the user can choose whether he wants to be asked for password to unlock the device or not.
Example value:
0x00000001 (Windows), true (Linux), <true /> (Mac)
Back to top

ChromeOsReleaseChannelDelegated

Whether the release channel should be configurable by the user
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\ChromeOsReleaseChannelDelegated
Mac/Linux preference name:
ChromeOsReleaseChannelDelegated
Supported on:
  • Google Chrome OS (Google Chrome OS) since version 0.19
Supported features:
Dynamic Policy Refresh: Yes
Description:
If this policy is set to True and the ChromeOsReleaseChannel policy is not specified then users of the enrolling domain will be allowed to change the release channel of the device. If this policy is set to false the device will be locked in whatever channel it was last set. The user selected channel will be overridden by the ChromeOsReleaseChannel policy, but if the policy channel is more stable than the one that was installed on the device, then the channel will only switch after the version of the more stable channel reaches a higher version number than the one installed on the device.
Example value:
0x00000000 (Windows), false (Linux), <false /> (Mac)
Back to top

ClearSiteDataOnExit (deprecated)

Clear site data on browser shutdown (deprecated)
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\ClearSiteDataOnExit
Mac/Linux preference name:
ClearSiteDataOnExit
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 11
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Can Be Recommended: Yes, Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
This policy is an override for the "Clear cookies and other site data when I close my browser" content settings option that Google Chrome supported prior to version 21. This policy exists only for backward-compatibility and will go away in the future. The recommended way to clear site data on exit on version 21 and later is to configure the DefaultCookiesSetting policy to session-only. If this policy is enabled it will be translated to the appropriate policy setting for the DefaultCookiesSetting policy, setting it to session-only if the DefaultCookiesSetting policy is not configured or set to Allow. If this policy is disabled or left unconfigured the policy for storing site data is determined by the DefaultCookiesSetting policy.
Example value:
0x00000001 (Windows), true (Linux), <true /> (Mac)
Back to top

CloudPrintProxyEnabled

Enable Google Cloud Print proxy
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\CloudPrintProxyEnabled
Mac/Linux preference name:
CloudPrintProxyEnabled
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 17
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Enables Google Chrome to act as a proxy between Google Cloud Print and legacy printers connected to the machine. If this setting is enabled or not configured, users can enable the cloud print proxy by authentication with their Google account. If this setting is disabled, users cannot enable the proxy, and the machine will not be allowed to share it's printers with Google Cloud Print.
Example value:
0x00000001 (Windows), true (Linux), <true /> (Mac)
Back to top

CloudPrintSubmitEnabled

Enable submission of documents to Google Cloud Print
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\CloudPrintSubmitEnabled
Mac/Linux preference name:
CloudPrintSubmitEnabled
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 17
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Enables Google Chrome to submit documents to Google Cloud Print for printing. NOTE: This only affects Google Cloud Print support in Google Chrome. It does not prevent users from submitting print jobs on web sites. If this setting is enabled or not configured, users can print to Google Cloud Print from the Google Chrome print dialog. If this setting is disabled, users cannot print to Google Cloud Print from the Google Chrome print dialog
Example value:
0x00000001 (Windows), true (Linux), <true /> (Mac)
Back to top

DefaultBrowserSettingEnabled

Set Chrome as Default Browser
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\DefaultBrowserSettingEnabled
Mac/Linux preference name:
DefaultBrowserSettingEnabled
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 11
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: No
Description:
Configures the default browser checks in Google Chrome and prevents users from changing them. If you enable this setting, Google Chrome will always check on startup whether it is the default browser and automatically register itself if possible. If this setting is disabled, Google Chrome will never check if it is the default browser and will disable user controls for setting this option. If this setting is not set, Google Chrome will allow the user to control whether it is the default browser and whether user notifications should be shown when it isn't.
Example value:
0x00000001 (Windows), true (Linux), <true /> (Mac)
Back to top

DeveloperToolsDisabled

Disable Developer Tools
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\DeveloperToolsDisabled
Mac/Linux preference name:
DeveloperToolsDisabled
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 9
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Disables the Developer Tools and the JavaScript console. If you enable this setting, the Developer Tools can not be accessed and web-site elements can not be inspected anymore. Any keyboard shortcuts and any menu or context menu entries to open the Developer Tools or the JavaScript Console will be disabled. Setting this option to disabled or leaving it not set will allow the use to use the Developer Tools and the JavaScript console.
Example value:
0x00000000 (Windows), false (Linux), <false /> (Mac)
Back to top

DeviceAllowRedeemChromeOsRegistrationOffers

Allow users to redeem offers through Chrome OS Registration.
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\DeviceAllowRedeemChromeOsRegistrationOffers
Mac/Linux preference name:
DeviceAllowRedeemChromeOsRegistrationOffers
Supported on:
  • Google Chrome OS (Google Chrome OS) since version 26
Supported features:
Dynamic Policy Refresh: Yes
Description:
IT admins for enterprise devices can use this flag to controll whether to allow users to redeem offers through Chrome OS Registration. If this policy is set to true or left not set, users will be able to redeem offers through Chrome OS Registration. If this policy is set to false, user will not be able to redeem offers.
Example value:
0x00000001 (Windows), true (Linux), <true /> (Mac)
Back to top

DeviceAppPack

List of AppPack extensions
Data type:
List of strings
Windows registry location:
Software\Policies\Google\Chrome\DeviceAppPack
Mac/Linux preference name:
DeviceAppPack
Supported on:
  • Google Chrome OS (Google Chrome OS) since version 19
Supported features:
Dynamic Policy Refresh: Yes
Description:
This policy is active in retail mode only. Lists extensions that are automatically installed for the Demo user, for devices in retail mode. These extensions are saved in the device and can be installed while offline, after the installation. Each list entry contains a dictionary that must include the extension ID in the 'extension-id' field, and its update URL in the 'update-url' field.
Example value:
Windows:
Software\Policies\Google\Chrome\DeviceAppPack\1 = "{'extension-id': 'khgabmflimjjbclkmljlpmgaleanedem', 'update-url': 'http://clients2.google.com/service/update2/crx'}"
Linux:
["{'extension-id': 'khgabmflimjjbclkmljlpmgaleanedem', 'update-url': 'http://clients2.google.com/service/update2/crx'}"]
Mac:
<array> <string>{'extension-id': 'khgabmflimjjbclkmljlpmgaleanedem', 'update-url': 'http://clients2.google.com/service/update2/crx'}</string> </array>
Back to top

DeviceOpenNetworkConfiguration

Device-level network configuration
Data type:
String (REG_SZ)
Windows registry location:
Software\Policies\Google\Chrome\DeviceOpenNetworkConfiguration
Mac/Linux preference name:
DeviceOpenNetworkConfiguration
Supported on:
  • Google Chrome OS (Google Chrome OS) since version 0.16
Supported features:
Dynamic Policy Refresh: Yes
Description:
Allows pushing network configuration to be applied for all users of a Google Chrome OS device. The network configuration is a JSON-formatted string as defined by the Open Network Configuration format described at https://sites.google.com/a/chromium.org/dev/chromium-os/chromiumos-design-docs/open-network-configuration
Example value:
"{ "NetworkConfigurations": [ { "GUID": "{4b224dfd-6849-7a63-5e394343244ae9c9}", "Name": "my WiFi", "Type": "WiFi", "WiFi": { "SSID": "my WiFi", "HiddenSSID": false, "Security": "None", "AutoConnect": true } } ] }"
Back to top

DevicePolicyRefreshRate

Refresh rate for Device Policy
Data type:
Integer (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\DevicePolicyRefreshRate
Mac/Linux preference name:
DevicePolicyRefreshRate
Supported on:
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Dynamic Policy Refresh: Yes
Description:
Specifies the period in milliseconds at which the device management service is queried for device policy information. Setting this policy overrides the default value of 3 hours. Valid values for this policy are in the range from 1800000 (30 minutes) to 86400000 (1 day). Any values not in this range will be clamped to the respective boundary. Leaving this policy not set will make Google Chrome OS use the default value of 3 hours.
Example value:
0x0036ee80 (Windows), 3600000 (Linux/Mac)
Back to top

DeviceStartUpUrls

Load specified urls on demo login
Data type:
List of strings
Windows registry location:
Software\Policies\Google\Chrome\DeviceStartUpUrls
Mac/Linux preference name:
DeviceStartUpUrls
Supported on:
  • Google Chrome OS (Google Chrome OS) since version 19
Supported features:
Dynamic Policy Refresh: Yes
Description:
This policy is active in retail mode only. Determines the set of URLs to be loaded when the demo session is started. This policy will override any other mechanisms for setting the initial URL and thus can only be applied to a session not associated with a particular user.
Example value:
Windows:
Software\Policies\Google\Chrome\DeviceStartUpUrls\1 = "http://google.com" Software\Policies\Google\Chrome\DeviceStartUpUrls\2 = "chrome-extension://aaaaaaaaaaaaaaaaaaaaaaaa/"
Linux:
["http://google.com", "chrome-extension://aaaaaaaaaaaaaaaaaaaaaaaa/"]
Mac:
<array> <string>http://google.com</string> <string>chrome-extension://aaaaaaaaaaaaaaaaaaaaaaaa/</string> </array>
Back to top

DeviceTargetVersionPrefix

Target Auto Update Version
Data type:
String (REG_SZ)
Windows registry location:
Software\Policies\Google\Chrome\DeviceTargetVersionPrefix
Mac/Linux preference name:
DeviceTargetVersionPrefix
Supported on:
  • Google Chrome OS (Google Chrome OS) since version 19
Supported features:
Dynamic Policy Refresh: Yes
Description:
Sets a target version for Auto Updates. Specifies the prefix of a target version Google Chrome OS should update to. If the device is running a version that's before the specified prefix, it will update to the latest version with the given prefix. If the device is already on a later version, there is no effect (i.e. no downgrades are performed) and the device will remain on the current version. The prefix format works component-wise as is demonstrated in the following example: "" (or not configured): update to latest version available. "1412.": update to any minor version of 1412 (e.g. 1412.24.34 or 1412.60.2) "1412.2.": update to any minor version of 1412.2 (e.g. 1412.2.34 or 1412.2.2) "1412.24.34": update to this specific version only
Example value:
"1412."
Back to top

DeviceUpdateAllowedConnectionTypes

Connection types allowed for updates
Data type:
List of strings
Windows registry location:
Software\Policies\Google\Chrome\DeviceUpdateAllowedConnectionTypes
Mac/Linux preference name:
DeviceUpdateAllowedConnectionTypes
Supported on:
  • Google Chrome OS (Google Chrome OS) since version 21
Supported features:
Dynamic Policy Refresh: Yes
Description:
The types of connections that are allowed to use for OS updates. OS updates potentially put heavy strain on the connection due to their size and may incur additional cost. Therefore, they are by default not enabled for connection types that are considered expensive, which include WiMax, Bluetooth and Cellular at the moment. The recognized connection type identifiers are "ethernet", "wifi", "wimax", "bluetooth" and "cellular".
Example value:
Windows:
Software\Policies\Google\Chrome\DeviceUpdateAllowedConnectionTypes\1 = "ethernet"
Linux:
["ethernet"]
Mac:
<array> <string>ethernet</string> </array>
Back to top

DeviceUpdateScatterFactor

Auto update scatter factor
Data type:
Integer (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\DeviceUpdateScatterFactor
Mac/Linux preference name:
DeviceUpdateScatterFactor
Supported on:
  • Google Chrome OS (Google Chrome OS) since version 20
Supported features:
Dynamic Policy Refresh: Yes
Description:
Specifies the number of seconds up to which a device may randomly delay its download of an update from the time the update was first pushed out to the server. The device may wait a portion of this time in terms of wall-clock-time and the remaining portion in terms of the number of update checks. In any case, the scatter is upper bounded to a constant amount of time so that a device does not ever get stuck waiting to download an update forever.
Example value:
0x00001c20 (Windows), 7200 (Linux/Mac)
Back to top

DeviceUserWhitelist

Login user white list
Data type:
List of strings
Windows registry location:
Software\Policies\Google\Chrome\DeviceUserWhitelist
Mac/Linux preference name:
DeviceUserWhitelist
Supported on:
  • Google Chrome OS (Google Chrome OS) since version 12
Supported features:
Dynamic Policy Refresh: Yes
Description:
Defines the list of users that are allowed to login to the device. Entries are of the form user@domain, such as madmax@managedchrome.com. To allow arbitrary users on a domain, use entries of the form *@domain. If this policy is not configured, there are no restrictions on which users are allowed to sign in. Note that creating new users still requires the DeviceAllowNewUsers policy to be configured appropriately.
Example value:
Windows:
Software\Policies\Google\Chrome\DeviceUserWhitelist\1 = "madmax@managedchrome.com"
Linux:
["madmax@managedchrome.com"]
Mac:
<array> <string>madmax@managedchrome.com</string> </array>
Back to top

Disable3DAPIs

Disable support for 3D graphics APIs
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\Disable3DAPIs
Mac/Linux preference name:
Disable3DAPIs
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 9
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Disable support for 3D graphics APIs. Enabling this setting prevents web pages from accessing the graphics processing unit (GPU). Specifically, web pages can not access the WebGL API and plugins can not use the Pepper 3D API. Disabling this setting or leaving it not set potentially allows web pages to use the WebGL API and plugins to use the Pepper 3D API. The default settings of the browser may still require command line arguments to be passed in order to use these APIs.
Example value:
0x00000000 (Windows), false (Linux), <false /> (Mac)
Back to top

DisableSSLRecordSplitting

Disable SSL record splitting
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\DisableSSLRecordSplitting
Mac/Linux preference name:
DisableSSLRecordSplitting
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 18
  • Google Chrome OS (Google Chrome OS) since version 0.18
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: No
Description:
Specifies whether SSL record splitting should be disabled. Record splitting is a workaround for a weakness in SSL 3.0 and TLS 1.0 but can cause compatibility issues with some HTTPS servers and proxies. If the policy is not set, or is set to false, then record splitting will be used on SSL/TLS connections which use CBC ciphersuites.
Example value:
0x00000001 (Windows), true (Linux), <true /> (Mac)
Back to top

DisableSafeBrowsingProceedAnyway

Disable proceeding from the Safe Browsing warning page
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\DisableSafeBrowsingProceedAnyway
Mac/Linux preference name:
DisableSafeBrowsingProceedAnyway
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 22
  • Google Chrome OS (Google Chrome OS) since version 0.22
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
The Safe Browsing service shows a warning page when users navigate to sites that are flagged as potentially mallicious. Enabling this setting prevents users from proceeding anyway from the warning page to the malicious site. If this setting is disabled or not configured then users can choose to proceed to the flagged site after being shown the warning.
Example value:
0x00000001 (Windows), true (Linux), <true /> (Mac)
Back to top

DisabledPlugins

Specify a list of disabled plugins
Data type:
List of strings
Windows registry location:
Software\Policies\Google\Chrome\DisabledPlugins
Mac/Linux preference name:
DisabledPlugins
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 8
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Specifies a list of plugins that are disabled in Google Chrome and prevents users from changing this setting. The wildcard characters '*' and '?' can be used to match sequences of arbitrary characters. '*' matches an arbitrary number of characters while '?' specifies an optional single character, i.e. matches zero or one characters. The escape character is '\', so to match actual '*', '?', or '\' characters, you can put a '\' in front of them. If you enable this setting, the specified list of plugins is never used in Google Chrome. The plugins are marked as disabled in 'about:plugins' and users cannot enable them. Note that this policy can be overridden by EnabledPlugins and DisabledPluginsExceptions. If this policy is left not set the user can use any plugin installed on the system except for hard-coded incompatible, outdated or dangerous plugins.
Example value:
Windows:
Software\Policies\Google\Chrome\DisabledPlugins\1 = "Java" Software\Policies\Google\Chrome\DisabledPlugins\2 = "Shockwave Flash" Software\Policies\Google\Chrome\DisabledPlugins\3 = "Chrome PDF Viewer"
Linux:
["Java", "Shockwave Flash", "Chrome PDF Viewer"]
Mac:
<array> <string>Java</string> <string>Shockwave Flash</string> <string>Chrome PDF Viewer</string> </array>
Back to top

DisabledPluginsExceptions

Specify a list of plugins that the user can enable or disable
Data type:
List of strings
Windows registry location:
Software\Policies\Google\Chrome\DisabledPluginsExceptions
Mac/Linux preference name:
DisabledPluginsExceptions
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 11
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Specifies a list of plugins that user can enable or disable in Google Chrome. The wildcard characters '*' and '?' can be used to match sequences of arbitrary characters. '*' matches an arbitrary number of characters while '?' specifies an optional single character, i.e. matches zero or one characters. The escape character is '\', so to match actual '*', '?', or '\' characters, you can put a '\' in front of them. If you enable this setting, the specified list of plugins can be used in Google Chrome. Users can enable or disable them in 'about:plugins', even if the plugin also matches a pattern in DisabledPlugins. Users can also enable and disable plugins that don't match any patterns in DisabledPlugins, DisabledPluginsExceptions and EnabledPlugins. This policy is meant to allow for strict plugin blacklisting where the 'DisabledPlugins' list contains wildcarded entries like disable all plugins '*' or disable all Java plugins '*Java*' but the administrator wishes to enable some particular version like 'IcedTea Java 2.3'. This particular versions can be specified in this policy. If this policy is left not set any plugin that matches the patterns in the 'DisabledPlugins' will be locked disabled and the user won't be able to enable them.
Example value:
Windows:
Software\Policies\Google\Chrome\DisabledPluginsExceptions\1 = "Java" Software\Policies\Google\Chrome\DisabledPluginsExceptions\2 = "Shockwave Flash" Software\Policies\Google\Chrome\DisabledPluginsExceptions\3 = "Chrome PDF Viewer"
Linux:
["Java", "Shockwave Flash", "Chrome PDF Viewer"]
Mac:
<array> <string>Java</string> <string>Shockwave Flash</string> <string>Chrome PDF Viewer</string> </array>
Back to top

DisabledSchemes

Disable URL protocol schemes
Data type:
List of strings
Windows registry location:
Software\Policies\Google\Chrome\DisabledSchemes
Mac/Linux preference name:
DisabledSchemes
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 12
  • Google Chrome OS (Google Chrome OS) since version 0.12
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: No
Description:
Disables the listed protocol schemes in Google Chrome. URLs using a scheme from this list will not load and can not be navigated to. If this policy is left not set or the list is empty all schemes will be accessible in Google Chrome.
Example value:
Windows:
Software\Policies\Google\Chrome\DisabledSchemes\1 = "file" Software\Policies\Google\Chrome\DisabledSchemes\2 = "mailto"
Linux:
["file", "mailto"]
Mac:
<array> <string>file</string> <string>mailto</string> </array>
Back to top

DiskCacheDir

Set disk cache directory
Data type:
String (REG_SZ)
Windows registry location:
Software\Policies\Google\Chrome\DiskCacheDir
Mac/Linux preference name:
DiskCacheDir
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 13
Supported features:
Dynamic Policy Refresh: No, Per Profile: No
Description:
Configures the directory that Google Chrome will use for storing cached files on the disk. If you set this policy, Google Chrome will use the provided directory regardless whether the user has specified the '--disk-cache-dir' flag or not. See http://www.chromium.org/administrators/policy-list-3/user-data-directory-variables for a list of variables that can be used. If this policy is left not set the default cache directory will be used and the user will be able to override it with the '--disk-cache-dir' command line flag.
Example value:
"${user_home}/Chrome_cache"
Back to top

DiskCacheSize

Set disk cache size in bytes
Data type:
Integer (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\DiskCacheSize
Mac/Linux preference name:
DiskCacheSize
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 17
Supported features:
Dynamic Policy Refresh: No, Per Profile: No
Description:
Configures the cache size that Google Chrome will use for storing cached files on the disk. If you set this policy, Google Chrome will use the provided cache size regardless whether the user has specified the '--disk-cache-size' flag or not. If the value of this policy is 0, the default cache size will be used but the user will not be able to change it. If this policy is not set the default size will be used and the user will be able to override it with the --disk-cache-size flag.
Example value:
0x06400000 (Windows), 104857600 (Linux/Mac)
Back to top

DnsPrefetchingEnabled

Enable network prediction
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\DnsPrefetchingEnabled
Mac/Linux preference name:
DnsPrefetchingEnabled
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 8
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Can Be Recommended: Yes, Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Enables network prediction in Google Chrome and prevents users from changing this setting. This controls not only DNS prefetching but also TCP and SSL preconnection and prerendering of web pages. The policy name refers to DNS prefetching for historical reasons. If you enable or disable this setting, users cannot change or override this setting in Google Chrome. If this policy is left not set, this will be enabled but the user will be able to change it.
Example value:
0x00000001 (Windows), true (Linux), <true /> (Mac)
Back to top

DownloadDirectory

Set download directory
Data type:
String (REG_SZ)
Windows registry location:
Software\Policies\Google\Chrome\DownloadDirectory
Mac/Linux preference name:
DownloadDirectory
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 11
Supported features:
Can Be Recommended: Yes, Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Configures the directory that Google Chrome will use for downloading files. If you set this policy, Google Chrome will use the provided directory regardless whether the user has specified one or enabled the flag to be prompted for download location every time. See http://www.chromium.org/administrators/policy-list-3/user-data-directory-variables for a list of variables that can be used. If this policy is left not set the default download directory will be used and the user will be able to change it.
Example value:
"/home/${user_name}/Downloads"
Back to top

EnableOnlineRevocationChecks

Whether online OCSP/CRL checks are performed
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\EnableOnlineRevocationChecks
Mac/Linux preference name:
EnableOnlineRevocationChecks
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 19
  • Google Chrome OS (Google Chrome OS) since version 0.19
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: No
Description:
In light of the fact that soft-fail, online revocation checks provide no effective security benefit, they are disabled by default in Google Chrome version 19 and later. By setting this policy to true, the previous behaviour is restored and online OCSP/CRL checks will be performed. If the policy is not set, or is set to false, then Chrome will not perform online revocation checks in Chrome 19 and later.
Example value:
0x00000000 (Windows), false (Linux), <false /> (Mac)
Back to top

EnabledPlugins

Specify a list of enabled plugins
Data type:
List of strings
Windows registry location:
Software\Policies\Google\Chrome\EnabledPlugins
Mac/Linux preference name:
EnabledPlugins
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 11
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Specifies a list of plugins that are enabled in Google Chrome and prevents users from changing this setting. The wildcard characters '*' and '?' can be used to match sequences of arbitrary characters. '*' matches an arbitrary number of characters while '?' specifies an optional single character, i.e. matches zero or one characters. The escape character is '\', so to match actual '*', '?', or '\' characters, you can put a '\' in front of them. The specified list of plugins is always used in Google Chrome if they are installed. The plugins are marked as enabled in 'about:plugins' and users cannot disable them. Note that this policy overrides both DisabledPlugins and DisabledPluginsExceptions. If this policy is left not set the user can disable any plugin installed on the system.
Example value:
Windows:
Software\Policies\Google\Chrome\EnabledPlugins\1 = "Java" Software\Policies\Google\Chrome\EnabledPlugins\2 = "Shockwave Flash" Software\Policies\Google\Chrome\EnabledPlugins\3 = "Chrome PDF Viewer"
Linux:
["Java", "Shockwave Flash", "Chrome PDF Viewer"]
Mac:
<array> <string>Java</string> <string>Shockwave Flash</string> <string>Chrome PDF Viewer</string> </array>
Back to top

EnterpriseWebStoreURL

Enterprise web store URL
Data type:
String (REG_SZ)
Windows registry location:
Software\Policies\Google\Chrome\EnterpriseWebStoreURL
Mac/Linux preference name:
EnterpriseWebStoreURL
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 17
  • Google Chrome OS (Google Chrome OS) since version 0.17
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Specifies the URL for the enterprise web store. When this setting is enabled, an app will appear on the new tab page which, when clicked, will take the user to the specified URL. To actually allow extension installation from the configured website, the ExtensionInstallSources policy must be configured to allow installation from the appropriate extension download URLs. If this policy is set, the EnterpriseWebStoreName setting should also be set. If this setting is disabled, no enterprise web store app will appear on the new tab page.
Example value:
"http://company-intranet/chromeapps"
Back to top

ExternalStorageDisabled

Disable mounting of external storage
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\ExternalStorageDisabled
Mac/Linux preference name:
ExternalStorageDisabled
Supported on:
  • Google Chrome OS (Google Chrome OS) since version 0.22
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Disable mounting of external storage. When this policy is set to true, external storage will not be available in the file browser. This policy affects all types of storage media. For example: USB flash drives, external hard drives, SD and other memory cards, optical storage etc. Internal storage is not affected, therefore files saved in the Download folder can still be accessed. Google Drive is also not affected by this policy. If this setting is disabled or not configured then users can use all supported types of external storage on their device.
Example value:
0x00000001 (Windows), true (Linux), <true /> (Mac)
Back to top

IncognitoEnabled (deprecated)

Enable Incognito mode
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\IncognitoEnabled
Mac/Linux preference name:
IncognitoEnabled
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 11
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
This policy is deprecated. Please, use IncognitoModeAvailability instead. Enables Incognito mode in Google Chrome. If this setting is enabled or not configured, users can open web pages in incognito mode. If this setting is disabled, users cannot open web pages in incognito mode. If this policy is left not set, this will be enabled and the user will be able to use incognito mode.
Example value:
0x00000000 (Windows), false (Linux), <false /> (Mac)
Back to top

IncognitoModeAvailability

Incognito mode availability
Data type:
Integer (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\IncognitoModeAvailability
Mac/Linux preference name:
IncognitoModeAvailability
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 14
  • Google Chrome OS (Google Chrome OS) since version 0.14
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Specifies whether the user may open pages in Incognito mode in Google Chrome. If 'Enabled' is selected or the policy is left unset, pages may be opened in Incognito mode. If 'Disabled' is selected, pages may not be opened in Incognito mode. If 'Forced' is selected, pages may be opened ONLY in Incognito mode.
  • 0 = Incognito mode available
  • 1 = Incognito mode disabled
  • 2 = Incognito mode forced
Example value:
0x00000001 (Windows), 1 (Linux/Mac)
Back to top

InstantEnabled

Enable Instant
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\InstantEnabled
Mac/Linux preference name:
InstantEnabled
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 11
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Can Be Recommended: Yes, Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Enables Google Chrome's Instant feature and prevents users from changing this setting. If you enable this setting, Google Chrome Instant is enabled. If you disable this setting, Google Chrome Instant is disabled. If you enable or disable this setting, users cannot change or override this setting. If this setting is left not set the user can decide to use this function or not.
Example value:
0x00000001 (Windows), true (Linux), <true /> (Mac)
Back to top

MaxConnectionsPerProxy

Maximal number of concurrent connections to the proxy server
Data type:
Integer (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\MaxConnectionsPerProxy
Mac/Linux preference name:
MaxConnectionsPerProxy
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 14
Supported features:
Dynamic Policy Refresh: No, Per Profile: No
Description:
Specifies the maximal number of simultaneous connections to the proxy server. Some proxy servers can not handle high number of concurrent connections per client and this can be solved by setting this policy to a lower value. The value of this policy should be lower than 100 and higher than 6 and the default value is 32. Some web apps are known to consume many connections with hanging GETs, so lowering below 32 may lead to browser networking hangs if too many such web apps are open. Lower below the default at your own risk. If this policy is left not set the default value will be used which is 32.
Example value:
0x00000020 (Windows), 32 (Linux/Mac)
Back to top

MediaCacheSize

Set media disk cache size in bytes
Data type:
Integer (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\MediaCacheSize
Mac/Linux preference name:
MediaCacheSize
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 17
Supported features:
Dynamic Policy Refresh: No, Per Profile: No
Description:
Configures the cache size that Google Chrome will use for storing cached media files on the disk. If you set this policy, Google Chrome will use the provided cache size regardless whether the user has specified the '--media-cache-size' flag or not. If the value of this policy is 0, the default cache size will be used but the user will not be able to change it. If this policy is not set the default size will be used and the user will be able to override it with the --media-cache-size flag.
Example value:
0x06400000 (Windows), 104857600 (Linux/Mac)
Back to top

MetricsReportingEnabled

Enable reporting of usage and crash-related data
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\MetricsReportingEnabled
Mac/Linux preference name:
MetricsReportingEnabled
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 8
Supported features:
Can Be Recommended: Yes, Dynamic Policy Refresh: No, Per Profile: No
Description:
Enables anonymous reporting of usage and crash-related data about Google Chrome to Google and prevents users from changing this setting. If you enable this setting, anonymous reporting of usage and crash-related data is sent to Google. If you disable this setting, anonymous reporting of usage and crash-related data is never sent to Google. If you enable or disable this setting, users cannot change or override this setting in Google Chrome. If this policy is left not set the setting will be what the user chose upon installation / first run.
Example value:
0x00000001 (Windows), true (Linux), <true /> (Mac)
Back to top

OpenNetworkConfiguration

User-level network configuration
Data type:
String (REG_SZ)
Windows registry location:
Software\Policies\Google\Chrome\OpenNetworkConfiguration
Mac/Linux preference name:
OpenNetworkConfiguration
Supported on:
  • Google Chrome OS (Google Chrome OS) since version 0.16
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Allows pushing network configuration to be applied per-user to a Google Chrome OS device. The network configuration is a JSON-formatted string as defined by the Open Network Configuration format described at https://sites.google.com/a/chromium.org/dev/chromium-os/chromiumos-design-docs/open-network-configuration
Example value:
"{ "NetworkConfigurations": [ { "GUID": "{4b224dfd-6849-7a63-5e394343244ae9c9}", "Name": "my WiFi", "Type": "WiFi", "WiFi": { "SSID": "my WiFi", "HiddenSSID": false, "Security": "None", "AutoConnect": true } } ] }"
Back to top

PinnedLauncherApps

List of pinned apps to show in the launcher
Data type:
List of strings
Windows registry location:
Software\Policies\Google\Chrome\PinnedLauncherApps
Mac/Linux preference name:
PinnedLauncherApps
Supported on:
  • Google Chrome OS (Google Chrome OS) since version 20
Supported features:
Can Be Recommended: Yes, Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Lists the application identifiers Google Chrome OS shows as pinned apps in the launcher bar. If this policy is configured, the set of applications is fixed and can't be changed by the user. If this policy is left unset, the user may change the list of pinned apps in the launcher.
Example value:
Windows:
Software\Policies\Google\Chrome\PinnedLauncherApps\1 = "pjkljhegncpnkpknbcohdijeoejaedia"
Linux:
["pjkljhegncpnkpknbcohdijeoejaedia"]
Mac:
<array> <string>pjkljhegncpnkpknbcohdijeoejaedia</string> </array>
Back to top

PolicyRefreshRate

Refresh rate for user policy
Data type:
Integer (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\PolicyRefreshRate
Mac/Linux preference name:
PolicyRefreshRate
Supported on:
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Specifies the period in milliseconds at which the device management service is queried for user policy information. Setting this policy overrides the default value of 3 hours. Valid values for this policy are in the range from 1800000 (30 minutes) to 86400000 (1 day). Any values not in this range will be clamped to the respective boundary. Leaving this policy not set will make Google Chrome use the default value of 3 hours.
Example value:
0x0036ee80 (Windows), 3600000 (Linux/Mac)
Back to top

PrintingEnabled

Enable printing
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\PrintingEnabled
Mac/Linux preference name:
PrintingEnabled
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 8
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Enables printing in Google Chrome and prevents users from changing this setting. If this setting is enabled or not configured, users can print. If this setting is disabled, users cannot print from Google Chrome. Printing is disabled in the wrench menu, extensions, JavaScript applications, etc. It is still possible to print from plugins that bypass Google Chrome while printing. For example, certain Flash applications have the print option in their context menu, which is not covered by this policy.
Example value:
0x00000001 (Windows), true (Linux), <true /> (Mac)
Back to top

SafeBrowsingEnabled

Enable Safe Browsing
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\SafeBrowsingEnabled
Mac/Linux preference name:
SafeBrowsingEnabled
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 8
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Can Be Recommended: Yes, Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Enables Google Chrome's Safe Browsing feature and prevents users from changing this setting. If you enable this setting, Safe Browsing is always active. If you disable this setting, Safe Browsing is never active. If you enable or disable this setting, users cannot change or override this setting in Google Chrome. If this policy is left not set, this will be enabled but the user will be able to change it.
Example value:
0x00000001 (Windows), true (Linux), <true /> (Mac)
Back to top

SearchSuggestEnabled

Enable search suggestions
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\SearchSuggestEnabled
Mac/Linux preference name:
SearchSuggestEnabled
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 8
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Can Be Recommended: Yes, Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Enables search suggestions in Google Chrome's omnibox and prevents users from changing this setting. If you enable this setting, search suggestions are used. If you disable this setting, search suggestions are never used. If you enable or disable this setting, users cannot change or override this setting in Google Chrome. If this policy is left not set, this will be enabled but the user will be able to change it.
Example value:
0x00000001 (Windows), true (Linux), <true /> (Mac)
Back to top

SessionLengthLimit

Limit the session length
Data type:
Integer (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\SessionLengthLimit
Mac/Linux preference name:
SessionLengthLimit
Supported on:
  • Google Chrome OS (Google Chrome OS) since version 25
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: No
Description:
Limit the maximum length of a user session. When this policy is set, it specifies the length of time after which a user is automatically logged out, terminating the session. The user is informed about the remaining time by a countdown timer shown in the system tray. When this policy is not set, the session length is not limited. If you set this policy, users cannot change or override it. The policy value should be specified in milliseconds. Values are clamped to a range of 30 seconds to 24 hours.
Example value:
0x0036ee80 (Windows), 3600000 (Linux/Mac)
Back to top

ShelfAutoHideBehavior

Control shelf auto-hiding
Data type:
String (REG_SZ)
Windows registry location:
Software\Policies\Google\Chrome\ShelfAutoHideBehavior
Mac/Linux preference name:
ShelfAutoHideBehavior
Supported on:
  • Google Chrome OS (Google Chrome OS) since version 25
Supported features:
Can Be Recommended: Yes, Dynamic Policy Refresh: Yes, Per Profile: No
Description:
Control auto-hiding of the Google Chrome OS shelf. If this policy is set to 'AlwaysAutoHideShelf', the shelf will always auto-hide. If this policy is set to 'NeverAutoHideShelf', the shelf never auto-hide. If you set this policy, users cannot change or override it. If the policy is left not set, users can choose whether the shelf should auto-hide.
  • "Always" = Always auto-hide the shelf
  • "Never" = Never auto-hide the shelf
Example value:
"Always"
Back to top

ShowHomeButton

Show Home button on toolbar
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\ShowHomeButton
Mac/Linux preference name:
ShowHomeButton
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 8
  • Google Chrome OS (Google Chrome OS) since version 0.11
Supported features:
Can Be Recommended: Yes, Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Shows the Home button on Google Chrome's toolbar. If you enable this setting, the Home button is always shown. If you disable this setting, the Home button is never shown. If you enable or disable this setting, users cannot change or override this setting in Google Chrome. Leaving this policy not set will allow the user to choose whether to show the home button.
Example value:
0x00000001 (Windows), true (Linux), <true /> (Mac)
Back to top

SpellCheckServiceEnabled

Enable or disable spell checking web service
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\SpellCheckServiceEnabled
Mac/Linux preference name:
SpellCheckServiceEnabled
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 22
  • Google Chrome OS (Google Chrome OS) since version 0.22
Supported features:
Can Be Recommended: Yes, Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Google Chrome can use a Google web service to help resolve spelling errors. If this setting is enabled, then this service is always used. If this setting is disabled, then this service is never used. Spell checking can still be performed using a downloaded dictionary; this policy only controls the usage of the online service. If this setting is not configured then users can choose whether the spell checking service should be used or not.
Example value:
0x00000000 (Windows), false (Linux), <false /> (Mac)
Back to top

SystemTimezone

Timezone
Data type:
String (REG_SZ)
Windows registry location:
Software\Policies\Google\Chrome\SystemTimezone
Mac/Linux preference name:
SystemTimezone
Supported on:
  • Google Chrome OS (Google Chrome OS) since version 22
Supported features:
Dynamic Policy Refresh: Yes
Description:
Specifies the timezone to be used for the device. Users can override the specified timezone for the current session. However, on logout it is set back to the specified timezone. If an invalid value is provided, the policy is still activated using "GMT" instead. If an empty string is provided, the policy is ignored. If this policy is not used, the currently active timezone will remain in use however users can change the timezone and the change is persistent. Thus a change by one user affects the login-screen and all other users. New devices start out with the timezone set to "US/Pacific". The format of the value follows the names of timezones in the "IANA Time Zone Database" (see "http://en.wikipedia.org/wiki/List_of_tz_database_time"). In particular, most timezones can be referred to by "continent/large_city" or "ocean/large_city".
Example value:
"America/Los_Angeles"
Back to top

TermsOfServiceURL

Set the Terms of Service for a device-local account
Data type:
String (REG_SZ)
Windows registry location:
Software\Policies\Google\Chrome\TermsOfServiceURL
Mac/Linux preference name:
TermsOfServiceURL
Supported on:
  • Google Chrome OS (Google Chrome OS) since version 26
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: No
Description:
Sets the Terms of Service that the user must accept before starting a device-local account session. If this policy is set, Google Chrome OS will download the Terms of Service and present them to the user whenever a device-local account session is starting. The user will only be allowed into the session after accepting the Terms of Service. If this policy is not set, no Terms of Service are shown. The policy should be set to a URL from which Google Chrome OS can download the Terms of Service. The Terms of Service must be plain text, served as MIME type text/plain. No markup is allowed.
Example value:
"http://www.example.com/terms_of_service.txt"
Back to top

TranslateEnabled

Enable Translate
Data type:
Boolean (REG_DWORD)
Windows registry location:
Software\Policies\Google\Chrome\TranslateEnabled
Mac/Linux preference name:
TranslateEnabled
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 12
  • Google Chrome OS (Google Chrome OS) since version 0.12
Supported features:
Can Be Recommended: Yes, Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Enables the integrated Google Translate service on Google Chrome. If you enable this setting, Google Chrome will show an integrated toolbar offering to translate the page for the user, when appropriate. If you disable this setting, users will never see the translation bar. If you enable or disable this setting, users cannot change or override this setting in Google Chrome. If this setting is left not set the user can decide to use this function or not.
Example value:
0x00000001 (Windows), true (Linux), <true /> (Mac)
Back to top

URLBlacklist

Block access to a list of URLs
Data type:
List of strings
Windows registry location:
Software\Policies\Google\Chrome\URLBlacklist
Mac/Linux preference name:
URLBlacklist
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 15
  • Google Chrome OS (Google Chrome OS) since version 0.15
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Blocks access to the listed URLs. This policy prevents the user from loading web pages from blacklisted URLs. A URL has the format 'scheme://host:port/path'. The optional scheme can be http, https or ftp. Only this scheme will be blocked; if none is specified, all schemes are blocked. The host can be a hostname or an IP address. Subdomains of a hostname will also be blocked. To prevent blocking subdomains, include a '.' before the hostname. The special hostname '*' will block all domains. The optional port is a valid port number from 1 to 65535. If none is specified, all ports are blocked. If the optional path is specified, only paths with that prefix will be blocked. Exceptions can be defined in the URL whitelist policy. These policies are limited to 1000 entries; subsequent entries will be ignored. If this policy is not set no URL will be blacklisted in the browser.
Example value:
Windows:
Software\Policies\Google\Chrome\URLBlacklist\1 = "example.com" Software\Policies\Google\Chrome\URLBlacklist\2 = "https://ssl.server.com" Software\Policies\Google\Chrome\URLBlacklist\3 = "hosting.com/bad_path" Software\Policies\Google\Chrome\URLBlacklist\4 = "http://server:8080/path" Software\Policies\Google\Chrome\URLBlacklist\5 = ".exact.hostname.com" Software\Policies\Google\Chrome\URLBlacklist\6 = "*"
Linux:
["example.com", "https://ssl.server.com", "hosting.com/bad_path", "http://server:8080/path", ".exact.hostname.com", "*"]
Mac:
<array> <string>example.com</string> <string>https://ssl.server.com</string> <string>hosting.com/bad_path</string> <string>http://server:8080/path</string> <string>.exact.hostname.com</string> <string>*</string> </array>
Back to top

URLWhitelist

Allows access to a list of URLs
Data type:
List of strings
Windows registry location:
Software\Policies\Google\Chrome\URLWhitelist
Mac/Linux preference name:
URLWhitelist
Supported on:
  • Google Chrome (Linux, Mac, Windows) since version 15
  • Google Chrome OS (Google Chrome OS) since version 0.15
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: Yes
Description:
Allows access to the listed URLs, as exceptions to the URL blacklist. See the description of the URL blacklist policy for the format of entries of this list. This policy can be used to open exceptions to restrictive blacklists. For example, '*' can be blacklisted to block all requests, and this policy can be used to allow access to a limited list of URLs. It can be used to open exceptions to certain schemes, subdomains of other domains, ports, or specific paths. The most specific filter will determine if a URL is blocked or allowed. The whitelist takes precedence over the blacklist. This policy is limited to 1000 entries; subsequent entries will be ignored. If this policy is not set there will be no exceptions to the blacklist from the 'URLBlacklist' policy.
Example value:
Windows:
Software\Policies\Google\Chrome\URLWhitelist\1 = "example.com" Software\Policies\Google\Chrome\URLWhitelist\2 = "https://ssl.server.com" Software\Policies\Google\Chrome\URLWhitelist\3 = "hosting.com/bad_path" Software\Policies\Google\Chrome\URLWhitelist\4 = "http://server:8080/path" Software\Policies\Google\Chrome\URLWhitelist\5 = ".exact.hostname.com"
Linux:
["example.com", "https://ssl.server.com", "hosting.com/bad_path", "http://server:8080/path", ".exact.hostname.com"]
Mac:
<array> <string>example.com</string> <string>https://ssl.server.com</string> <string>hosting.com/bad_path</string> <string>http://server:8080/path</string> <string>.exact.hostname.com</string> </array>
Back to top

UserDataDir

Set user data directory
Data type:
String (REG_SZ)
Windows registry location:
Software\Policies\Google\Chrome\UserDataDir
Mac/Linux preference name:
UserDataDir
Supported on:
  • Google Chrome (Windows) since version 11
  • Google Chrome (Mac) since version 11
Supported features:
Dynamic Policy Refresh: No, Per Profile: No
Description:
Configures the directory that Google Chrome will use for storing user data. If you set this policy, Google Chrome will use the provided directory regardless whether the user has specified the '--user-data-dir' flag or not. See http://www.chromium.org/administrators/policy-list-3/user-data-directory-variables for a list of variables that can be used. If this policy is left not set the default profile path will be used and the user will be able to override it with the '--user-data-dir' command line flag.
Example value:
"${users}/${user_name}/Chrome"
Back to top

UserDisplayName

Set the display name for device-local accounts
Data type:
String (REG_SZ)
Windows registry location:
Software\Policies\Google\Chrome\UserDisplayName
Mac/Linux preference name:
UserDisplayName
Supported on:
  • Google Chrome OS (Google Chrome OS) since version 25
Supported features:
Dynamic Policy Refresh: Yes, Per Profile: No
Description:
Controls the account name Google Chrome OS shows on the login screen for the corresponding device-local account. If this policy is set, the login screen will use the specified string in the picture-based login chooser for the corresponding device-local account. If the policy is left not set, Google Chrome OS will use the device-local account's email account ID as the display name on the login screen. This policy is ignored for regular user accounts.
Example value:
"Policy User"
Back to top