List of Interesting Experimental Flags for Google Chrome to Try Out

Ink

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
@Windows_Security
Thoughts about using Isolate additional origins, if know-how is possible?
chrome://flags/#isolate-origins
Requires dedicated processes for an additional set of origins, specified as a comma-separated list. – Mac, Windows, Linux, Chrome OS, Android
Click to expand...
215612


Disabled by default;
Chrome 75.x
 
  • Like
Reactions: oldschool and harlan4096
Windows_Security

Windows_Security

Level 24
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 13, 2016
1,298
Spawn said:
@Windows_Security
Thoughts about using Isolate additional origins, if know-how is possible?
chrome://flags/#isolate-origins

View attachment 215612

Disabled by default;
Chrome 75.x
Click to expand...
EDIT: site isolation is set to ON by default for ALL domains. When SITE ISOLATION is DISABLED, it is possible to ENABLE site isolation for the domains specified with this flag: e.g. ENABLE and add in the text box WEBSITE1.COM, DOMAIN2.ORG, etc

SO when your favourite gaming website would require you to disable SITE ISOLATION (for all), you can still list your favourite XXX websiites here, so you can watch human interaction videos at ease knowing that they are still running in the safer "Site Isolation mode"

The per process means that the domains specified are run in a seperate process using SITE ISOLATION.
 
  • Like
  • Thanks
Reactions: [correlate], oldschool, harlan4096 and 1 other person
cryogent

cryogent

Level 7
Verified
Well-known
Oct 1, 2016
307
Yes indeed, the z....com article is written in octomber ...but is in one of the links provided by them..
"read the upcoming release notes for details about DoH policies which will be published on our Chrome Enterprise blog."
And in my stable 78 Chrome release this flag/settings is not available...and in article is mentioned is in a Chrome stable release.
I hope i dind't miss understand the article.
 
  • Like
Reactions: [correlate]
bjm_

bjm_

Level 14
Verified
Top Poster
Well-known
May 17, 2015
669
Any way to display the full URL address again in the address bar/omnibox.
I used these flags in 77.0 #85.
https://www.askvg.com/tip-restore-https-and-www-in-website-urls-in-google-chrome-address-bar/
Now, in 78.0 those flags are gone.
Any way to display the full URL address in the omnibox without double click?
 
Last edited:
  • Like
Reactions: [correlate]
cryogent

cryogent

Level 7
Verified
Well-known
Oct 1, 2016
307
This flags:
"Prefetch requests for cross-origin main resources are fetched with a special NetworkIsolationKey "
or
"Prefetch request properties are updated to be privacy-preserving "

must be enabled if "Cross Origin Isolation" is enabled?

This flags is in Brave.
 
  • Like
Reactions: Protomartyr and oldschool
Lenny_Fox

Lenny_Fox

Level 22
Verified
Top Poster
Well-known
Oct 1, 2019
1,120
I use the experiments below for enhanced privacy, security and performance.

Privacy
  • Anonymize local IPs exposed by WebRTC (only shows public IP, not home network IP)
  • Reduce default 'referer' header granularity (only provides domain name as referer)
  • Prefetch request properties are updated to be privacy-preserving (block referer and credentials for cross origin prefetch request)

Security
  • Cross Origin Isolation (enables cross origin opener and embedder policy to reduce risk of speculative attacks)
  • Strict Origin Isolation (strengthens the site isolation policy further by blocking cross origin frames in same site scripts)
  • Treat risky downloads over insecure connections as active mixed content (blocks download of executable content over HTTP)
  • Secure DNS lookups (Enables DNS over HTTPS, Opera users should use Secure DNS)
  • Extension Content Verification - Enforce strict (verifies contents of the files from extensions are what they should be)

Performance
  • Parallel downloading (enable to accelerate download speed)
  • Load Media Router Component Extension (prevents loading of media router extension at startup).
    The media router allows the client to negotiate a peer-to-peer media streaming session via WebRtc and Cast Streaming.
 
Last edited:
  • Like
  • +Reputation
Reactions: Sunshine-boy, Protomartyr, harlan4096 and 3 others
Sampei Nihira

Sampei Nihira

Level 6
Verified
Well-known
Dec 26, 2019
287
Lenny_Linux said:
I use the experiments below for enhanced privacy, security and performance.

Privacy
  • Anonymize local IPs exposed by WebRTC (only shows public IP, not home network IP)
  • Reduce default 'referer' header granularity (only provides domain name as referer)
  • Prefetch request properties are updated to be privacy-preserving (block referer and credentials for cross origin prefetch request)

Security
  • Cross Origin Isolation (enables cross origin opener and embedder policy to reduce risk of speculative attacks)
  • Strict Origin Isolation (strengthens the site isolation policy further by blocking cross origin frames in same site scripts)
  • Treat risky downloads over insecure connections as active mixed content (blocks download of executable content over HTTP)
  • Secure DNS lookups (Enables DNS over HTTPS, Opera users should use Secure DNS)
  • Extension Content Verification - Enforce strict (verifies contents of the files from extensions are what they should be)

Performance
  • Parallel downloading (enable to accelerate download speed)
  • Load Media Router Component Extension (prevents loading of media router extension at startup).
    The media router allows the client to negotiate a peer-to-peer media streaming session via WebRtc and Cast Streaming.
Click to expand...

Of your list I don't use:

Anonymize local IPs exposed by WebRTC = UBO
Load Media Router Component Extension

But I add to Chrome the 2 Command Line Switches that I have mentioned several times.
 
  • Like
Reactions: Protomartyr and oldschool

Similar threads

silversurfer
    • Like
New Update Google Chrome: Reading Mode for distraction-free reading announced
Replies
0
Views
575
Chrome & Chromium
silversurfer
silversurfer
Gandalf_The_Grey
    • Like
    • Wow
Chrome Enterprise Premium promises extra security – for a fee
Replies
1
Views
189
Chrome & Chromium
Brahman
Brahman
silversurfer
    • Like
New Update Google Chrome's Password Manager is getting these new features
Replies
1
Views
518
Chrome & Chromium
Ink
Ink

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top