OLD | NEW |
1 { | 1 { |
2 # policy_templates.json - Metafile for policy templates | 2 # policy_templates.json - Metafile for policy templates |
3 # | 3 # |
4 # The content of this file is evaluated as a Python expression. | 4 # The content of this file is evaluated as a Python expression. |
5 # | 5 # |
6 # This file is used as input to generate the following policy templates: | 6 # This file is used as input to generate the following policy templates: |
7 # ADM, ADMX+ADML, MCX/plist and html documentation. | 7 # ADM, ADMX+ADML, MCX/plist and html documentation. |
8 # | 8 # |
9 # Policy templates are user interface definitions or documents about the | 9 # Policy templates are user interface definitions or documents about the |
10 # policies that can be used to configure Chrome. Each policy is a name-value | 10 # policies that can be used to configure Chrome. Each policy is a name-value |
(...skipping 116 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
127 # templates and documentation. The policy definition list that Chrome sees | 127 # templates and documentation. The policy definition list that Chrome sees |
128 # will include policies marked with 'future'. If a WIP policy isn't meant to | 128 # will include policies marked with 'future'. If a WIP policy isn't meant to |
129 # be seen by the policy providers either, the 'supported_on' key should be set | 129 # be seen by the policy providers either, the 'supported_on' key should be set |
130 # to an empty list. | 130 # to an empty list. |
131 # | 131 # |
132 # IDs: | 132 # IDs: |
133 # Since a Protocol Buffer definition is generated from this file, unique and | 133 # Since a Protocol Buffer definition is generated from this file, unique and |
134 # persistent IDs for all fields (but not for groups!) are needed. These are | 134 # persistent IDs for all fields (but not for groups!) are needed. These are |
135 # specified by the 'id' keys of each policy. NEVER CHANGE EXISTING IDs, | 135 # specified by the 'id' keys of each policy. NEVER CHANGE EXISTING IDs, |
136 # because doing so would break the deployed wire format! | 136 # because doing so would break the deployed wire format! |
137 # For your editing convenience: highest ID currently used: 308 | 137 # For your editing convenience: highest ID currently used: 309 |
138 # | 138 # |
139 # Placeholders: | 139 # Placeholders: |
140 # The following placeholder strings are automatically substituted: | 140 # The following placeholder strings are automatically substituted: |
141 # $1 -> Google Chrome / Chromium | 141 # $1 -> Google Chrome / Chromium |
142 # $2 -> Google Chrome OS / Chromium OS | 142 # $2 -> Google Chrome OS / Chromium OS |
143 # $3 -> Google Chrome Frame / Chromium Frame | 143 # $3 -> Google Chrome Frame / Chromium Frame |
144 # $6 is reserved for doc_writer | 144 # $6 is reserved for doc_writer |
145 # | 145 # |
146 # Device Policy: | 146 # Device Policy: |
147 # An additional flag 'device_only' (optional, defaults to False) indicates | 147 # An additional flag 'device_only' (optional, defaults to False) indicates |
(...skipping 7584 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
7732 | 7732 |
7733 When a TLS handshake fails, <ph name="PRODUCT_NAME">$1<ex>Google Chrome</e
x></ph> will retry the connection with a lesser version of TLS in order to work
around bugs in HTTPS servers. This setting configures the version at which this
fallback process will stop. If a server performs version negotiation correctly (
i.e. without breaking the connection) then this setting doesn't apply. Regardles
s, the resulting connection must still comply with SSLVersionMin. | 7733 When a TLS handshake fails, <ph name="PRODUCT_NAME">$1<ex>Google Chrome</e
x></ph> will retry the connection with a lesser version of TLS in order to work
around bugs in HTTPS servers. This setting configures the version at which this
fallback process will stop. If a server performs version negotiation correctly (
i.e. without breaking the connection) then this setting doesn't apply. Regardles
s, the resulting connection must still comply with SSLVersionMin. |
7734 | 7734 |
7735 If this policy is not configured then <ph name="PRODUCT_NAME">$1<ex>Google
Chrome</ex></ph> uses a default minimum version which is TLS 1.0 in <ph name="P
RODUCT_NAME">$1<ex>Google Chrome</ex></ph> 44 and TLS 1.1 in later versions. Not
e this does not disable support for TLS 1.0, only whether <ph name="PRODUCT_NAME
">$1<ex>Google Chrome</ex></ph> will work around buggy servers which cannot nego
tiate versions correctly. | 7735 If this policy is not configured then <ph name="PRODUCT_NAME">$1<ex>Google
Chrome</ex></ph> uses a default minimum version which is TLS 1.0 in <ph name="P
RODUCT_NAME">$1<ex>Google Chrome</ex></ph> 44 and TLS 1.1 in later versions. Not
e this does not disable support for TLS 1.0, only whether <ph name="PRODUCT_NAME
">$1<ex>Google Chrome</ex></ph> will work around buggy servers which cannot nego
tiate versions correctly. |
7736 | 7736 |
7737 Otherwise it may be set to one of the following values: "tls1", "tls1.1" o
r "tls1.2". If compatibility with a buggy server must be maintained, this may be
set to "tls1". This is a stopgap measure and the server should be rapidly fixed
. | 7737 Otherwise it may be set to one of the following values: "tls1", "tls1.1" o
r "tls1.2". If compatibility with a buggy server must be maintained, this may be
set to "tls1". This is a stopgap measure and the server should be rapidly fixed
. |
7738 | 7738 |
7739 A setting of "tls1.2" disables all fallback but this may have a significan
t compatibility impact.''', | 7739 A setting of "tls1.2" disables all fallback but this may have a significan
t compatibility impact.''', |
7740 }, | 7740 }, |
7741 { | 7741 { |
| 7742 'name': 'RC4Enabled', |
| 7743 'type': 'main', |
| 7744 'schema': { |
| 7745 'type': 'boolean', |
| 7746 }, |
| 7747 'supported_on': [ |
| 7748 'chrome.*:48-52', |
| 7749 'chrome_os:48-52', |
| 7750 'android:48-52', |
| 7751 'ios:48-52', |
| 7752 ], |
| 7753 'features': { |
| 7754 'dynamic_refresh': True, |
| 7755 'per_profile': False, |
| 7756 }, |
| 7757 'example_value': False, |
| 7758 'id': 309, |
| 7759 'caption': '''Whether RC4 cipher suites in TLS are enabled''', |
| 7760 'tags': ['system-security'], |
| 7761 'desc': '''Warning: RC4 will be completely removed from <ph name="PRODUCT_
NAME">$1<ex>Google Chrome</ex></ph> after version 52 (around September 2016) and
this policy will stop working then. |
| 7762 |
| 7763 If the policy is not set, or is set to false, then RC4 cipher suites in TL
S will not be enabled. Otherwise it may be set to true to retain compatibility w
ith an outdated server. This is a stopgap measure and the server should be recon
figured.''', |
| 7764 }, |
| 7765 { |
7742 'name': 'ContextualSearchEnabled', | 7766 'name': 'ContextualSearchEnabled', |
7743 'type': 'main', | 7767 'type': 'main', |
7744 'schema': { 'type': 'boolean' }, | 7768 'schema': { 'type': 'boolean' }, |
7745 'supported_on': [ | 7769 'supported_on': [ |
7746 'android:40-', | 7770 'android:40-', |
7747 ], | 7771 ], |
7748 'features': { | 7772 'features': { |
7749 'dynamic_refresh': True, | 7773 'dynamic_refresh': True, |
7750 'per_profile': True, | 7774 'per_profile': True, |
7751 }, | 7775 }, |
(...skipping 324 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
8076 'desc': '''Text appended in parentheses next to the policies top-level con
tainer to indicate that those policies are of the Recommended level''', | 8100 'desc': '''Text appended in parentheses next to the policies top-level con
tainer to indicate that those policies are of the Recommended level''', |
8077 'text': 'Default Settings (users can override)', | 8101 'text': 'Default Settings (users can override)', |
8078 }, | 8102 }, |
8079 'doc_complex_policies_on_windows': { | 8103 'doc_complex_policies_on_windows': { |
8080 'desc': '''Text pointing the user to a help article for complex policies o
n Windows''', | 8104 'desc': '''Text pointing the user to a help article for complex policies o
n Windows''', |
8081 'text': '''encoded as a JSON string, for details see <ph name="COMPLEX_POL
ICIES_URL">https://www.chromium.org/administrators/complex-policies-on-windows<e
x>https://www.chromium.org/administrators/complex-policies-on-windows</ex></ph>'
'', | 8105 'text': '''encoded as a JSON string, for details see <ph name="COMPLEX_POL
ICIES_URL">https://www.chromium.org/administrators/complex-policies-on-windows<e
x>https://www.chromium.org/administrators/complex-policies-on-windows</ex></ph>'
'', |
8082 }, | 8106 }, |
8083 }, | 8107 }, |
8084 'placeholders': [], | 8108 'placeholders': [], |
8085 } | 8109 } |
OLD | NEW |