List of Interesting Experimental Flags for Google Chrome to Try Out

[Petrovic]

If you are a regular here you know that you can modify quite a few Google Chrome settings on the chrome://flags/ page.

The majority of settings that you find there are not yet ready for prime time. Some technologies may still be in active development, other features are tested by Google and made available to a wider audience through flags.

Since you find more than a hundred flags on the page at any time, it can be quite time consuming to go through all them regularly to find out what is new.

Since the flags don't appear to be in any kind of chronological order, it is difficult to make the distinction between old and new.

This article looks at several flags that are interesting from a user point of view. Each experiment is listed with its title and internal link at the top. You need to copy and paste the link into the address bar manually to get right to the preference on the flags' page.

Experimental Chrome flags
Mark non-secure origins as non-secure

• chrome://flags/#mark-non-secure-as

Google considers marking all http websites that you visit in Chrome as insecure at one point in time. The flag allows you to enable this feature right now in the browser. You can set them to neutral, non-secure or dubious currently using the flag.

Enable extension toolbar redesign

• chrome://flags/#enable-extension-action-redesign

Google is working on a redesign of the extension toolbar currently. It is displayed to the right of the address bar.

If you enable the flag, extension icons are displayed for all installed extensions there.

Remember decisions to proceed through SSL errors for a specified length of time

• chrome://flags/#remember-cert-error-decisions

When you encounter an SSL error you get options to handle it in one way or the other. You can use this setting to remember that decision for up to three months.

Enable fast tab/window close

• chrome://flags/#enable-fast-unload

This one may speed up the closing of tabs or Chrome browser windows when enabled.

Save Page as MHTML

• chrome://flags/#save-page-as-mhtml

Instead of saving most web pages as multiple files that depend on each other, the web page is saved as a single file.

Enable Automatic Spelling Correction

• chrome://flags/#spellcheck-autocorrect

If you enable this feature, Chrome will auto-correct text while you are still typing.

Enable Download Resumption

• chrome://flags/#enable-download-resumption

When a download stops for whatever reason, be it server error, transfer error, a flaky Internet connection or you closing the browser by accident, it will be restarted from the very beginning. With this set to enable, downloads are resumed from the position they stopped provided that the server supports this as well.

Only Auto-Reload Visible Tabs

• chrome://flags/#enable-offline-auto-reload-visible-only

When tabs cannot be loaded by Chrome, for instance if the computer is offline, then they will automatically be reloaded when the browser is online again.

If you enable this feature, Chrome will only load visible tabs and not all of them.

Enable Developer Tools experiments

• chrome://flags/#enable-devtools-experiments

This enables a new option in the Chrome Developer Tool settings that you can use to enable experimental features there.
Source

 

[Ink]

Without opening a new topic, here are some I have configured in Chrome 64.0 64-bit.

Unsorted mix of security, privacy, usability, interface etc. Some are set to disable.

Spoiler: Expand Code

Smooth Scrolling
#smooth-scrolling

Site settings with All sites and Site details
#enable-site-settings

Material Design in the rest of the browser's native UI
#secondary-ui-md

Password generation
#enable-password-generation

Force-saving of passwords
#enable-password-force-saving

Manual password generation
#enable-manual-password-generation

New style notification
#enable-message-center-new-style-notification

Memory coordinator
#enable-memory-coordinator

Tab audio muting UI control
#enable-tab-audio-muting

Mark non-secure origins as non-secure (Always mark HTTP..)
#mark-non-secure-as

Show in-form warnings for sensitive fields when the top-level page is not HTTPS
Attaches a warning UI to any password or credit card fields detected when the top-level page is not HTTPS.
#enable-http-form-warning

Strict site isolation
Highly experimental security mode that ensures each renderer process contains pages from at most one site. In this mode, out-of-process iframes will be used whenever an iframe is cross-site.
#enable-site-per-process

App Banners
Enable the display of Progressive Web App banners, which prompt a user to add a web app to their shelf, or other platform-specific equivalent.
#enable-app-banners

Experimental app banners
#enable-experimental-app-banners

Desktop PWAs
Experimental windowing and install banner treatment for Progressive Web Apps on desktop platforms. Implies #enable-experimental-app-banners.
#enable-desktop-pwas

Experimental keyboard lock UI.
An experimental full screen with keyboard lock mode requiring users to hold Esc to exit.
#experimental-keyboard-lock-ui

Enable AppContainer Lockdown.
Enables the use of an AppContainer on sandboxed processes to improve security.
#enable-appcontainer

Enable Material Design extensions
#enable-md-extensions

Automatic tab discarding
#automatic-tab-discarding

Google branding in the context menu
Shows a Google icon next to context menu items powered by Google services.
#enable-google-branded-context-menu

Generic Sensor (Disabled)
Enables motion sensor classes based on Generic Sensor API, i.e. Accelerometer, LinearAccelerationSensor, Gyroscope, AbsoluteOrientationSensor and RelativeOrientationSensor interfaces.
#enable-generic-sensor

Generic Sensor Extra Classes (Disabled)
Enables an extra set of sensor classes based on Generic Sensor API, which expose previously unavailable platform features, i.e. AmbientLightSensor and Magnetometer interfaces.
#enable-generic-sensor-extra-classes

Throttle expensive background timers
Enables intervention to limit CPU usage of background timers to 1%.
#expensive-background-timer-throttling

Enable new Print Preview UI
#enable-new-print-preview

Custom-drawn Windows 10 Titlebar
If enabled, Chrome will draw the titlebar and caption buttons instead of deferring to Windows.
#windows10-custom-titlebar

Desktop to iOS promotions (Disabled)
Enable Desktop to iOS promotions, and allow users to see them if they are eligible.
#enable-desktop-ios-promotions

Enable the New App Menu Icon
#enable-new-app-menu-icon

Pause background tabs
Pause timers in background tabs after 5 minutes on desktop.
#pause-background-tabs

Autoplay policy (User gesture is required..)
Policy used when deciding if audio or video is allowed to autoplay.
#autoplay-policy

Enable using the Google local NTP
#use-google-local-ntp

Enable the OneGoogleBar on the local NTP
Show a OneGoogleBar on the local New Tab page if Google is the default search engine.
#one-google-bar-on-local-ntp

Enable picture in picture.
#enable-picture-in-picture

Enable Voice Search on the local NTP (Disabled)
Show a microphone for voice search on the local New Tab page if Google is the default search engine.
#voice-search-on-local-ntp

Click to open embedded PDFs
#click-to-open-pdf

Enable doodles on the local NTP
#doodles-on-local-ntp

Sound content setting
Enable site-wide muting in content settings and tab strip context menu.
#sound-content-setting

 

[Windows_Security]

Enhanced privacy settings
- Disable hyperlink auditing (chrome://flags/#disable-hyperlink-auditing)
- Reduce default 'referer' header granularity (chrome://flags/#reduced-referrer-granularity)

Enhanced security settings
- Permissions blacklist (chrome://flags/#enable-permissions-blacklist)
- Extension Content Verification -(chrome://flags/#extension-content-verification) ENABLE STRICT
- Block scripts loaded via document.write (chrome://flags/#disallow-doc-written-script-loads)
- Strict site isolation (chrome://flags/#enable-site-per-process)

Enhanced performance settings
- Parallel downloading (chrome://flags/#enable-parallel-downloading)

Note: Parallel downloading enabled since Chrome 63, all others I have set before leaving Wilders and joining MalwareTips (so at least two years now, without running into errors or site incompatibility problems).

 

[shmu26]

Thanks to @Spawn and @Windows_Security for bringing to light some interesting flags. I enabled a few of them, and so far, so good.

 

[Sunshine-boy]

@Windows_Security Do you know about policies in chrome(browser://policy-tool)?if yes then some tutorials thanks
Policy List - The Chromium Projects

 

[Windows_Security]

Sorry to complicated to explain, also I don't know how to set them for Yandex and Opera

I only use three policies

Policy List - The Chromium Projects
(only allow extension)

Policy List - The Chromium Projects
(block flash)

Policy List - The Chromium Projects
(lock download directory)

You have to hack the registry, see for example text below for Chrome (installed in Program Files\Google\Chrome)

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome]
"DownloadDirectory"="C:\\Users\\Kees\\Downloads"
"DefaultPluginsSetting"=dword:00000002

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\ExtensionAllowedTypes]
"1"="extension"

I unzip Chromium to Program Files\Chromium, so regsitry hack would be

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Chromium]
"DownloadDirectory"="C:\\Users\\Kees\\Downloads"
"DefaultPluginsSetting"=dword:00000002

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Chromium\ExtensionAllowedTypes]
"1"="extension"

 

[Sunshine-boy]

Yes to complicated and that's why I asked you about it.I'm not gonna read that page:notworthy:anyway thanks for these policies! more than enough for my Need.

 

[Mr.X]

Enhanced privacy settings

Enhanced security settings

Could you tell the status they should have? (Enabled or disabled).

 

[MeltdownEnemy]

@Windows_Security Do you know about policies in chrome(browser://policy-tool)?if yes then some tutorials thanks
Policy List - The Chromium Projects

@Windows_Security Do you know about policies in chrome(browser://policy-tool)?if yes then some tutorials thanks
Policy List - The Chromium Projects

do you mean this?

 

[Ink]

Set as Enabled - Framebusting requires same-origin or a user gesture

• Don't permit an iframe to navigate the top level browsing context unless they are same-origin or the iframe is processing a user gesture. – Mac, Windows, Linux, Chrome OS, Android

Paste into omnibar

chrome://flags/#enable-framebusting-needs-sameorigin-or-usergesture

Third-party redirection Test site - Pass if not redirected.

https://ndossougbe.github.io/web-sandbox/interventions/3p-redirect/

Source

 

[Windows_Security]

Could you tell the status they should have? (Enabled or disabled).

Sorry missed your question

Security

Privacy

 

[Evjl's Rain]

besides those mentioned above. I also enabled some more as highlighted. I noticed CPU usage in the background reduces quite a lot

 

[212eta]

del

 

[Deleted member 65228]

-Is there a way of inserting the above *All-At-Once* instead of inserting them *one-by-one*?

You would have probably had it all implemented within about 40s addition to the time it took for you to post asking how to do it all at once.

 

[DeepWeb]

Not a security thing, but your eyes will thank you.

 

[Deleted member 65228]

Is there a way of inserting the above *All-At-Once* instead of inserting them *one-by-one*?

There sure is buddy, try doing them two by two

On the serious side though, there isn't AFAIK... Although if you can find out where the config file for the flags are (and assuming it is not encrypted) then you probably could but you would still risk messing something up.

The list of flags you want to change, it will take you hardly any time. Cutting corners never helped anyone in the long run, you just think it did but that is short term. Just do it yourself... Problem solved! I recon it would take you about a minute max and that is a stretch.

 

[Tsiehshi]

@212eta If you have a text editor supporting regular expressions, you *could* copy the links to a new text file, replace every instance of chrome://flags/# with a single dash following a space, remove all the \r\ns and copy the new text to the end of the target of your Chrome shortcut's properties window, but as @Opcode said, this screams of doing more work to avoid less. Instead of having to list the flags you want in the first place, enabling them as you go is better. Unless you worry about accidentally changing the wrong flags, or are procrastinating, that is.

 

[Windows_Security]

Anyone tried the new AppContainer flag for the GPU process?

 

[Sunshine-boy]

GPU process?

1-week ago.no problem here!

 

[Sunshine-boy]

OPcode you didn't answer my question here:34 Tech Firms Sign Accord Not to Assist Government Hacking Operations