List of Interesting Experimental Flags for Google Chrome to Try Out

Ink

Administrator
Verified
Jan 8, 2011
22,490
@Windows_Security
Thoughts about using Isolate additional origins, if know-how is possible?
chrome://flags/#isolate-origins
Requires dedicated processes for an additional set of origins, specified as a comma-separated list. – Mac, Windows, Linux, Chrome OS, Android
215612


Disabled by default;
Chrome 75.x
 

Windows_Security

Level 24
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Mar 13, 2016
1,298
@Windows_Security
Thoughts about using Isolate additional origins, if know-how is possible?
chrome://flags/#isolate-origins

View attachment 215612

Disabled by default;
Chrome 75.x
EDIT: site isolation is set to ON by default for ALL domains. When SITE ISOLATION is DISABLED, it is possible to ENABLE site isolation for the domains specified with this flag: e.g. ENABLE and add in the text box WEBSITE1.COM, DOMAIN2.ORG, etc

SO when your favourite gaming website would require you to disable SITE ISOLATION (for all), you can still list your favourite XXX websiites here, so you can watch human interaction videos at ease knowing that they are still running in the safer "Site Isolation mode"

The per process means that the domains specified are run in a seperate process using SITE ISOLATION.
 

cryogent

Level 7
Verified
Well-known
Oct 1, 2016
311
Yes indeed, the z....com article is written in octomber ...but is in one of the links provided by them..
"read the upcoming release notes for details about DoH policies which will be published on our Chrome Enterprise blog."
And in my stable 78 Chrome release this flag/settings is not available...and in article is mentioned is in a Chrome stable release.
I hope i dind't miss understand the article.
 
  • Like
Reactions: [correlate]

bjm_

Level 15
Verified
Top Poster
Well-known
May 17, 2015
714
Any way to display the full URL address again in the address bar/omnibox.
I used these flags in 77.0 #85.
https://www.askvg.com/tip-restore-https-and-www-in-website-urls-in-google-chrome-address-bar/
Now, in 78.0 those flags are gone.
Any way to display the full URL address in the omnibox without double click?
 
Last edited:
  • Like
Reactions: [correlate]

cryogent

Level 7
Verified
Well-known
Oct 1, 2016
311
This flags:
"Prefetch requests for cross-origin main resources are fetched with a special NetworkIsolationKey "
or
"Prefetch request properties are updated to be privacy-preserving "

must be enabled if "Cross Origin Isolation" is enabled?

This flags is in Brave.
 

Lenny_Fox

Level 22
Verified
Top Poster
Well-known
Oct 1, 2019
1,120
I use the experiments below for enhanced privacy, security and performance.

Privacy
  • Anonymize local IPs exposed by WebRTC (only shows public IP, not home network IP)
  • Reduce default 'referer' header granularity (only provides domain name as referer)
  • Prefetch request properties are updated to be privacy-preserving (block referer and credentials for cross origin prefetch request)

Security
  • Cross Origin Isolation (enables cross origin opener and embedder policy to reduce risk of speculative attacks)
  • Strict Origin Isolation (strengthens the site isolation policy further by blocking cross origin frames in same site scripts)
  • Treat risky downloads over insecure connections as active mixed content (blocks download of executable content over HTTP)
  • Secure DNS lookups (Enables DNS over HTTPS, Opera users should use Secure DNS)
  • Extension Content Verification - Enforce strict (verifies contents of the files from extensions are what they should be)

Performance
  • Parallel downloading (enable to accelerate download speed)
  • Load Media Router Component Extension (prevents loading of media router extension at startup).
    The media router allows the client to negotiate a peer-to-peer media streaming session via WebRtc and Cast Streaming.
 
Last edited:

Sampei Nihira

Level 6
Verified
Well-known
Dec 26, 2019
287
I use the experiments below for enhanced privacy, security and performance.

Privacy
  • Anonymize local IPs exposed by WebRTC (only shows public IP, not home network IP)
  • Reduce default 'referer' header granularity (only provides domain name as referer)
  • Prefetch request properties are updated to be privacy-preserving (block referer and credentials for cross origin prefetch request)

Security
  • Cross Origin Isolation (enables cross origin opener and embedder policy to reduce risk of speculative attacks)
  • Strict Origin Isolation (strengthens the site isolation policy further by blocking cross origin frames in same site scripts)
  • Treat risky downloads over insecure connections as active mixed content (blocks download of executable content over HTTP)
  • Secure DNS lookups (Enables DNS over HTTPS, Opera users should use Secure DNS)
  • Extension Content Verification - Enforce strict (verifies contents of the files from extensions are what they should be)

Performance
  • Parallel downloading (enable to accelerate download speed)
  • Load Media Router Component Extension (prevents loading of media router extension at startup).
    The media router allows the client to negotiate a peer-to-peer media streaming session via WebRtc and Cast Streaming.

Of your list I don't use:

Anonymize local IPs exposed by WebRTC = UBO
Load Media Router Component Extension

But I add to Chrome the 2 Command Line Switches that I have mentioned several times.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top