Petrovic

Level 63
Verified
Trusted
If you are a regular here you know that you can modify quite a few Google Chrome settings on the chrome://flags/ page.

The majority of settings that you find there are not yet ready for prime time. Some technologies may still be in active development, other features are tested by Google and made available to a wider audience through flags.

Since you find more than a hundred flags on the page at any time, it can be quite time consuming to go through all them regularly to find out what is new.

Since the flags don't appear to be in any kind of chronological order, it is difficult to make the distinction between old and new.

This article looks at several flags that are interesting from a user point of view. Each experiment is listed with its title and internal link at the top. You need to copy and paste the link into the address bar manually to get right to the preference on the flags' page.

Experimental Chrome flags
Mark non-secure origins as non-secure

  • chrome://flags/#mark-non-secure-as


Google considers marking all http websites that you visit in Chrome as insecure at one point in time. The flag allows you to enable this feature right now in the browser. You can set them to neutral, non-secure or dubious currently using the flag.

Enable extension toolbar redesign

  • chrome://flags/#enable-extension-action-redesign


Google is working on a redesign of the extension toolbar currently. It is displayed to the right of the address bar.

If you enable the flag, extension icons are displayed for all installed extensions there.

Remember decisions to proceed through SSL errors for a specified length of time

  • chrome://flags/#remember-cert-error-decisions
When you encounter an SSL error you get options to handle it in one way or the other. You can use this setting to remember that decision for up to three months.

Enable fast tab/window close

  • chrome://flags/#enable-fast-unload
This one may speed up the closing of tabs or Chrome browser windows when enabled.

Save Page as MHTML

  • chrome://flags/#save-page-as-mhtml


Instead of saving most web pages as multiple files that depend on each other, the web page is saved as a single file.

Enable Automatic Spelling Correction

  • chrome://flags/#spellcheck-autocorrect
If you enable this feature, Chrome will auto-correct text while you are still typing.

Enable Download Resumption

  • chrome://flags/#enable-download-resumption
When a download stops for whatever reason, be it server error, transfer error, a flaky Internet connection or you closing the browser by accident, it will be restarted from the very beginning. With this set to enable, downloads are resumed from the position they stopped provided that the server supports this as well.

Only Auto-Reload Visible Tabs

  • chrome://flags/#enable-offline-auto-reload-visible-only
When tabs cannot be loaded by Chrome, for instance if the computer is offline, then they will automatically be reloaded when the browser is online again.

If you enable this feature, Chrome will only load visible tabs and not all of them.

Enable Developer Tools experiments

  • chrome://flags/#enable-devtools-experiments


This enables a new option in the Chrome Developer Tool settings that you can use to enable experimental features there.
Source
 

Spawn

Administrator
Verified
Staff member
Without opening a new topic, here are some I have configured in Chrome 64.0 64-bit.

Unsorted mix of security, privacy, usability, interface etc. Some are set to disable.
Code:
Smooth Scrolling
#smooth-scrolling

Site settings with All sites and Site details
#enable-site-settings

Material Design in the rest of the browser's native UI
#secondary-ui-md

Password generation
#enable-password-generation

Force-saving of passwords
#enable-password-force-saving

Manual password generation
#enable-manual-password-generation

New style notification
#enable-message-center-new-style-notification

Memory coordinator
#enable-memory-coordinator

Tab audio muting UI control
#enable-tab-audio-muting

Mark non-secure origins as non-secure (Always mark HTTP..)
#mark-non-secure-as

Show in-form warnings for sensitive fields when the top-level page is not HTTPS
Attaches a warning UI to any password or credit card fields detected when the top-level page is not HTTPS.
#enable-http-form-warning

Strict site isolation
Highly experimental security mode that ensures each renderer process contains pages from at most one site. In this mode, out-of-process iframes will be used whenever an iframe is cross-site.
#enable-site-per-process

App Banners
Enable the display of Progressive Web App banners, which prompt a user to add a web app to their shelf, or other platform-specific equivalent.
#enable-app-banners

Experimental app banners
#enable-experimental-app-banners

Desktop PWAs
Experimental windowing and install banner treatment for Progressive Web Apps on desktop platforms. Implies #enable-experimental-app-banners.
#enable-desktop-pwas

Experimental keyboard lock UI.
An experimental full screen with keyboard lock mode requiring users to hold Esc to exit.
#experimental-keyboard-lock-ui

Enable AppContainer Lockdown.
Enables the use of an AppContainer on sandboxed processes to improve security.
#enable-appcontainer

Enable Material Design extensions
#enable-md-extensions

Automatic tab discarding
#automatic-tab-discarding

Google branding in the context menu
Shows a Google icon next to context menu items powered by Google services.
#enable-google-branded-context-menu

Generic Sensor (Disabled)
Enables motion sensor classes based on Generic Sensor API, i.e. Accelerometer, LinearAccelerationSensor, Gyroscope, AbsoluteOrientationSensor and RelativeOrientationSensor interfaces.
#enable-generic-sensor

Generic Sensor Extra Classes (Disabled)
Enables an extra set of sensor classes based on Generic Sensor API, which expose previously unavailable platform features, i.e. AmbientLightSensor and Magnetometer interfaces.
#enable-generic-sensor-extra-classes

Throttle expensive background timers
Enables intervention to limit CPU usage of background timers to 1%.
#expensive-background-timer-throttling

Enable new Print Preview UI
#enable-new-print-preview

Custom-drawn Windows 10 Titlebar
If enabled, Chrome will draw the titlebar and caption buttons instead of deferring to Windows.
#windows10-custom-titlebar

Desktop to iOS promotions (Disabled)
Enable Desktop to iOS promotions, and allow users to see them if they are eligible.
#enable-desktop-ios-promotions

Enable the New App Menu Icon
#enable-new-app-menu-icon

Pause background tabs
Pause timers in background tabs after 5 minutes on desktop.
#pause-background-tabs

Autoplay policy (User gesture is required..)
Policy used when deciding if audio or video is allowed to autoplay.
#autoplay-policy

Enable using the Google local NTP
#use-google-local-ntp

Enable the OneGoogleBar on the local NTP
Show a OneGoogleBar on the local New Tab page if Google is the default search engine.
#one-google-bar-on-local-ntp

Enable picture in picture.
#enable-picture-in-picture

Enable Voice Search on the local NTP (Disabled)
Show a microphone for voice search on the local New Tab page if Google is the default search engine.
#voice-search-on-local-ntp

Click to open embedded PDFs
#click-to-open-pdf

Enable doodles on the local NTP
#doodles-on-local-ntp

Sound content setting
Enable site-wide muting in content settings and tab strip context menu.
#sound-content-setting
 

Windows_Security

Level 23
Verified
Trusted
Content Creator
Enhanced privacy settings
- Disable hyperlink auditing (chrome://flags/#disable-hyperlink-auditing)
- Reduce default 'referer' header granularity (chrome://flags/#reduced-referrer-granularity)

Enhanced security settings
- Permissions blacklist (chrome://flags/#enable-permissions-blacklist)
- Extension Content Verification -(chrome://flags/#extension-content-verification) ENABLE STRICT
- Block scripts loaded via document.write (chrome://flags/#disallow-doc-written-script-loads)
- Strict site isolation (chrome://flags/#enable-site-per-process)

Enhanced performance settings
- Parallel downloading (chrome://flags/#enable-parallel-downloading)

Note: Parallel downloading enabled since Chrome 63, all others I have set before leaving Wilders and joining MalwareTips (so at least two years now, without running into errors or site incompatibility problems).
 
Last edited:

Windows_Security

Level 23
Verified
Trusted
Content Creator
Sorry to complicated to explain, also I don't know how to set them for Yandex and Opera

I only use three policies


Policy List - The Chromium Projects
(only allow extension)

Policy List - The Chromium Projects
(block flash)

Policy List - The Chromium Projects
(lock download directory)

You have to hack the registry, see for example text below for Chrome (installed in Program Files\Google\Chrome)

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome]
"DownloadDirectory"="C:\\Users\\Kees\\Downloads"
"DefaultPluginsSetting"=dword:00000002

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\ExtensionAllowedTypes]
"1"="extension"

I unzip Chromium to Program Files\Chromium, so regsitry hack would be

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Chromium]
"DownloadDirectory"="C:\\Users\\Kees\\Downloads"
"DefaultPluginsSetting"=dword:00000002

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Chromium\ExtensionAllowedTypes]
"1"="extension"
 

Spawn

Administrator
Verified
Staff member
Set as Enabled - Framebusting requires same-origin or a user gesture
  • Don't permit an iframe to navigate the top level browsing context unless they are same-origin or the iframe is processing a user gesture. – Mac, Windows, Linux, Chrome OS, Android
Paste into omnibar
Code:
chrome://flags/#enable-framebusting-needs-sameorigin-or-usergesture
Third-party redirection Test site - Pass if not redirected.
Code:
https://ndossougbe.github.io/web-sandbox/interventions/3p-redirect/
Source
 
D

Deleted member 65228

Is there a way of inserting the above *All-At-Once* instead of inserting them *one-by-one*? :unsure:
There sure is buddy, try doing them two by two :ROFLMAO::p

On the serious side though, there isn't AFAIK... Although if you can find out where the config file for the flags are (and assuming it is not encrypted) then you probably could but you would still risk messing something up.

The list of flags you want to change, it will take you hardly any time. Cutting corners never helped anyone in the long run, you just think it did but that is short term. Just do it yourself... Problem solved! I recon it would take you about a minute max and that is a stretch.
 

Tsiehshi

Level 2
@212eta If you have a text editor supporting regular expressions, you *could* copy the links to a new text file, replace every instance of chrome://flags/# with a single dash following a space, remove all the \r\ns and copy the new text to the end of the target of your Chrome shortcut's properties window, but as @Opcode said, this screams of doing more work to avoid less. Instead of having to list the flags you want in the first place, enabling them as you go is better. Unless you worry about accidentally changing the wrong flags, or are procrastinating, that is. ;)
 
Last edited: