List of Interesting Experimental Flags for Google Chrome to Try Out

Petrovic

Level 64
Thread author
Verified
Honorary Member
Top Poster
Well-known
Apr 25, 2013
5,354
If you are a regular here you know that you can modify quite a few Google Chrome settings on the chrome://flags/ page.

The majority of settings that you find there are not yet ready for prime time. Some technologies may still be in active development, other features are tested by Google and made available to a wider audience through flags.

Since you find more than a hundred flags on the page at any time, it can be quite time consuming to go through all them regularly to find out what is new.

Since the flags don't appear to be in any kind of chronological order, it is difficult to make the distinction between old and new.

This article looks at several flags that are interesting from a user point of view. Each experiment is listed with its title and internal link at the top. You need to copy and paste the link into the address bar manually to get right to the preference on the flags' page.

Experimental Chrome flags
Mark non-secure origins as non-secure

  • chrome://flags/#mark-non-secure-as


Google considers marking all http websites that you visit in Chrome as insecure at one point in time. The flag allows you to enable this feature right now in the browser. You can set them to neutral, non-secure or dubious currently using the flag.

Enable extension toolbar redesign

  • chrome://flags/#enable-extension-action-redesign


Google is working on a redesign of the extension toolbar currently. It is displayed to the right of the address bar.

If you enable the flag, extension icons are displayed for all installed extensions there.

Remember decisions to proceed through SSL errors for a specified length of time

  • chrome://flags/#remember-cert-error-decisions
When you encounter an SSL error you get options to handle it in one way or the other. You can use this setting to remember that decision for up to three months.

Enable fast tab/window close

  • chrome://flags/#enable-fast-unload
This one may speed up the closing of tabs or Chrome browser windows when enabled.

Save Page as MHTML

  • chrome://flags/#save-page-as-mhtml


Instead of saving most web pages as multiple files that depend on each other, the web page is saved as a single file.

Enable Automatic Spelling Correction

  • chrome://flags/#spellcheck-autocorrect
If you enable this feature, Chrome will auto-correct text while you are still typing.

Enable Download Resumption

  • chrome://flags/#enable-download-resumption
When a download stops for whatever reason, be it server error, transfer error, a flaky Internet connection or you closing the browser by accident, it will be restarted from the very beginning. With this set to enable, downloads are resumed from the position they stopped provided that the server supports this as well.

Only Auto-Reload Visible Tabs

  • chrome://flags/#enable-offline-auto-reload-visible-only
When tabs cannot be loaded by Chrome, for instance if the computer is offline, then they will automatically be reloaded when the browser is online again.

If you enable this feature, Chrome will only load visible tabs and not all of them.

Enable Developer Tools experiments

  • chrome://flags/#enable-devtools-experiments


This enables a new option in the Chrome Developer Tool settings that you can use to enable experimental features there.
Source
 

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Without opening a new topic, here are some I have configured in Chrome 64.0 64-bit.

Unsorted mix of security, privacy, usability, interface etc. Some are set to disable.
Code:
Smooth Scrolling
#smooth-scrolling

Site settings with All sites and Site details
#enable-site-settings

Material Design in the rest of the browser's native UI
#secondary-ui-md

Password generation
#enable-password-generation

Force-saving of passwords
#enable-password-force-saving

Manual password generation
#enable-manual-password-generation

New style notification
#enable-message-center-new-style-notification

Memory coordinator
#enable-memory-coordinator

Tab audio muting UI control
#enable-tab-audio-muting

Mark non-secure origins as non-secure (Always mark HTTP..)
#mark-non-secure-as

Show in-form warnings for sensitive fields when the top-level page is not HTTPS
Attaches a warning UI to any password or credit card fields detected when the top-level page is not HTTPS.
#enable-http-form-warning

Strict site isolation
Highly experimental security mode that ensures each renderer process contains pages from at most one site. In this mode, out-of-process iframes will be used whenever an iframe is cross-site.
#enable-site-per-process

App Banners
Enable the display of Progressive Web App banners, which prompt a user to add a web app to their shelf, or other platform-specific equivalent.
#enable-app-banners

Experimental app banners
#enable-experimental-app-banners

Desktop PWAs
Experimental windowing and install banner treatment for Progressive Web Apps on desktop platforms. Implies #enable-experimental-app-banners.
#enable-desktop-pwas

Experimental keyboard lock UI.
An experimental full screen with keyboard lock mode requiring users to hold Esc to exit.
#experimental-keyboard-lock-ui

Enable AppContainer Lockdown.
Enables the use of an AppContainer on sandboxed processes to improve security.
#enable-appcontainer

Enable Material Design extensions
#enable-md-extensions

Automatic tab discarding
#automatic-tab-discarding

Google branding in the context menu
Shows a Google icon next to context menu items powered by Google services.
#enable-google-branded-context-menu

Generic Sensor (Disabled)
Enables motion sensor classes based on Generic Sensor API, i.e. Accelerometer, LinearAccelerationSensor, Gyroscope, AbsoluteOrientationSensor and RelativeOrientationSensor interfaces.
#enable-generic-sensor

Generic Sensor Extra Classes (Disabled)
Enables an extra set of sensor classes based on Generic Sensor API, which expose previously unavailable platform features, i.e. AmbientLightSensor and Magnetometer interfaces.
#enable-generic-sensor-extra-classes

Throttle expensive background timers
Enables intervention to limit CPU usage of background timers to 1%.
#expensive-background-timer-throttling

Enable new Print Preview UI
#enable-new-print-preview

Custom-drawn Windows 10 Titlebar
If enabled, Chrome will draw the titlebar and caption buttons instead of deferring to Windows.
#windows10-custom-titlebar

Desktop to iOS promotions (Disabled)
Enable Desktop to iOS promotions, and allow users to see them if they are eligible.
#enable-desktop-ios-promotions

Enable the New App Menu Icon
#enable-new-app-menu-icon

Pause background tabs
Pause timers in background tabs after 5 minutes on desktop.
#pause-background-tabs

Autoplay policy (User gesture is required..)
Policy used when deciding if audio or video is allowed to autoplay.
#autoplay-policy

Enable using the Google local NTP
#use-google-local-ntp

Enable the OneGoogleBar on the local NTP
Show a OneGoogleBar on the local New Tab page if Google is the default search engine.
#one-google-bar-on-local-ntp

Enable picture in picture.
#enable-picture-in-picture

Enable Voice Search on the local NTP (Disabled)
Show a microphone for voice search on the local New Tab page if Google is the default search engine.
#voice-search-on-local-ntp

Click to open embedded PDFs
#click-to-open-pdf

Enable doodles on the local NTP
#doodles-on-local-ntp

Sound content setting
Enable site-wide muting in content settings and tab strip context menu.
#sound-content-setting
 

Windows_Security

Level 24
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 13, 2016
1,298
Enhanced privacy settings
- Disable hyperlink auditing (chrome://flags/#disable-hyperlink-auditing)
- Reduce default 'referer' header granularity (chrome://flags/#reduced-referrer-granularity)

Enhanced security settings
- Permissions blacklist (chrome://flags/#enable-permissions-blacklist)
- Extension Content Verification -(chrome://flags/#extension-content-verification) ENABLE STRICT
- Block scripts loaded via document.write (chrome://flags/#disallow-doc-written-script-loads)
- Strict site isolation (chrome://flags/#enable-site-per-process)

Enhanced performance settings
- Parallel downloading (chrome://flags/#enable-parallel-downloading)

Note: Parallel downloading enabled since Chrome 63, all others I have set before leaving Wilders and joining MalwareTips (so at least two years now, without running into errors or site incompatibility problems).
 
Last edited:

Windows_Security

Level 24
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 13, 2016
1,298
Sorry to complicated to explain, also I don't know how to set them for Yandex and Opera

I only use three policies


Policy List - The Chromium Projects
(only allow extension)

Policy List - The Chromium Projects
(block flash)

Policy List - The Chromium Projects
(lock download directory)

You have to hack the registry, see for example text below for Chrome (installed in Program Files\Google\Chrome)

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome]
"DownloadDirectory"="C:\\Users\\Kees\\Downloads"
"DefaultPluginsSetting"=dword:00000002

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome\ExtensionAllowedTypes]
"1"="extension"

I unzip Chromium to Program Files\Chromium, so regsitry hack would be

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Chromium]
"DownloadDirectory"="C:\\Users\\Kees\\Downloads"
"DefaultPluginsSetting"=dword:00000002

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Chromium\ExtensionAllowedTypes]
"1"="extension"
 

MeltdownEnemy

Level 7
Verified
Well-known
Jan 25, 2018
300
@Windows_Security Do you know about policies in chrome(browser://policy-tool)?if yes then some tutorials thanks :)
Policy List - The Chromium Projects
@Windows_Security Do you know about policies in chrome(browser://policy-tool)?if yes then some tutorials thanks :)
Policy List - The Chromium Projects

C5FRAtL.png

do you mean this?
 
  • Like
Reactions: simmerskool

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Set as Enabled - Framebusting requires same-origin or a user gesture
  • Don't permit an iframe to navigate the top level browsing context unless they are same-origin or the iframe is processing a user gesture. – Mac, Windows, Linux, Chrome OS, Android
Paste into omnibar
Code:
chrome://flags/#enable-framebusting-needs-sameorigin-or-usergesture

Third-party redirection Test site - Pass if not redirected.
Code:
https://ndossougbe.github.io/web-sandbox/interventions/3p-redirect/

Source
 
D

Deleted member 65228

Is there a way of inserting the above *All-At-Once* instead of inserting them *one-by-one*? :unsure:
There sure is buddy, try doing them two by two :ROFLMAO::p

On the serious side though, there isn't AFAIK... Although if you can find out where the config file for the flags are (and assuming it is not encrypted) then you probably could but you would still risk messing something up.

The list of flags you want to change, it will take you hardly any time. Cutting corners never helped anyone in the long run, you just think it did but that is short term. Just do it yourself... Problem solved! I recon it would take you about a minute max and that is a stretch.
 

Tsiehshi

Level 2
Verified
Nov 11, 2017
51
@212eta If you have a text editor supporting regular expressions, you *could* copy the links to a new text file, replace every instance of chrome://flags/# with a single dash following a space, remove all the \r\ns and copy the new text to the end of the target of your Chrome shortcut's properties window, but as @Opcode said, this screams of doing more work to avoid less. Instead of having to list the flags you want in the first place, enabling them as you go is better. Unless you worry about accidentally changing the wrong flags, or are procrastinating, that is. ;)
 
Last edited:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top