How to deny Google Chrome extensions access to intranet content

group-policy google-chrome
6,819

All the settings currently available to you via Group Policy are listed on the Chromium site. You can block all extensions, then allow certain ones via a whitelist, but I don't see anything in there that does specifically what you want.

In terms of blocking access to extensions, they will have access to whatever the user running Chrome has access to. Since the extension can access the content after it has been downloaded by the browser, there is no way the server can control this access.

So your choices seem to be maintaining an approved list of extensions you aren't worried about, or making a custom version of Chrome (Chromium is Open Source) to distribute to users that includes the functionality you are looking for.

Reading the Chrome Extensions Developer Guide section on Content Scripts, particularly the sections on Execution Environment, Communication with the Embedding Page and Security Considerations, will give you a better understanding of how Chrome Extensions work, and may suggest where you have opportunities either working with Chromium, or customising extensions.

Or set up some sophisticated deep packet inspection firewall that can identify content you don't want to leak, which would have the additional benefit of covering all applications - but be rather expensive :-)

Share:
6,819

Related videos on Youtube

Sujay
Author by

Sujay

Updated on November 22, 2022

Comments

  • Sujay
    Sujay over 1 year

    What I'm looking for is a domain (sub-domains included) restriction for extensions that require permissions to read content on the open tab.

    This is just to make sure to provide the users with customization & at the same time, make sure that internal content is never sent outside the network un-intentionally.

  • Sujay
    Sujay over 11 years
    I'm already using Blacklist * & Whitelist specific extensions. I just want to be able to selectively disable extensions for particular domains. So say for example an extension like SoundGecko, that can read the content of all open tabs & browsing history should not work on tabs that have an address in the format *.example.com.
  • dunxd
    dunxd over 11 years
    At the group policy level, I don't see any way to get what you want. I suggest you read the Chrome Extensions Developer Guide section on Content Scripts (developer.chrome.com/extensions/content_scripts.html). The sections on Execution Environment and Comminication with the Embedding Page and Security Considerations will give you a better understanding of how Chrome Extensions work, and may suggest where you have opportunities to achieve what you are seeking.
  • Sujay
    Sujay over 11 years
    I still think this question has not received enough attention(for which I started the bounty). Hence I'll Upvote your answer but don't know if I can accept your answer or give you the bounty. Thanks for the help.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Why is an unremovable Policy for "QuicAllowed" making Google Chrome tell me it's managed by my organisation?
Group policy doesn't let me execute Chrome
Disable Flash Player in Chrome via Group Policy
How do I redirect the Google Chrome appdata/local folder?
How to configure Chrome on a Terminal Server
Company Wide Windows Auth with Chrome and Firefox
Install chrome extensions via GPO
Where Do I Find The Update URL For Google Chrome Extensions?
How to remove Chrome policies?
Offline google chrome extensions