OLD | NEW |
1 { | 1 { |
2 # policy_templates.json - Metafile for policy templates | 2 # policy_templates.json - Metafile for policy templates |
3 # | 3 # |
4 # The content of this file is evaluated as a Python expression. | 4 # The content of this file is evaluated as a Python expression. |
5 # | 5 # |
6 # This file is used as input to generate the following policy templates: | 6 # This file is used as input to generate the following policy templates: |
7 # ADM, ADMX+ADML, MCX/plist and html documentation. | 7 # ADM, ADMX+ADML, MCX/plist and html documentation. |
8 # | 8 # |
9 # Policy templates are user interface definitions or documents about the | 9 # Policy templates are user interface definitions or documents about the |
10 # policies that can be used to configure Chrome. Each policy is a name-value | 10 # policies that can be used to configure Chrome. Each policy is a name-value |
(...skipping 116 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
127 # templates and documentation. The policy definition list that Chrome sees | 127 # templates and documentation. The policy definition list that Chrome sees |
128 # will include policies marked with 'future'. If a WIP policy isn't meant to | 128 # will include policies marked with 'future'. If a WIP policy isn't meant to |
129 # be seen by the policy providers either, the 'supported_on' key should be set | 129 # be seen by the policy providers either, the 'supported_on' key should be set |
130 # to an empty list. | 130 # to an empty list. |
131 # | 131 # |
132 # IDs: | 132 # IDs: |
133 # Since a Protocol Buffer definition is generated from this file, unique and | 133 # Since a Protocol Buffer definition is generated from this file, unique and |
134 # persistent IDs for all fields (but not for groups!) are needed. These are | 134 # persistent IDs for all fields (but not for groups!) are needed. These are |
135 # specified by the 'id' keys of each policy. NEVER CHANGE EXISTING IDs, | 135 # specified by the 'id' keys of each policy. NEVER CHANGE EXISTING IDs, |
136 # because doing so would break the deployed wire format! | 136 # because doing so would break the deployed wire format! |
137 # For your editing convenience: highest ID currently used: 309 | 137 # For your editing convenience: highest ID currently used: 310 |
138 # | 138 # |
139 # Placeholders: | 139 # Placeholders: |
140 # The following placeholder strings are automatically substituted: | 140 # The following placeholder strings are automatically substituted: |
141 # $1 -> Google Chrome / Chromium | 141 # $1 -> Google Chrome / Chromium |
142 # $2 -> Google Chrome OS / Chromium OS | 142 # $2 -> Google Chrome OS / Chromium OS |
143 # $3 -> Google Chrome Frame / Chromium Frame | 143 # $3 -> Google Chrome Frame / Chromium Frame |
144 # $6 is reserved for doc_writer | 144 # $6 is reserved for doc_writer |
145 # | 145 # |
146 # Device Policy: | 146 # Device Policy: |
147 # An additional flag 'device_only' (optional, defaults to False) indicates | 147 # An additional flag 'device_only' (optional, defaults to False) indicates |
(...skipping 7602 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
7750 | 7750 |
7751 When a TLS handshake fails, <ph name="PRODUCT_NAME">$1<ex>Google Chrome</e
x></ph> will retry the connection with a lesser version of TLS in order to work
around bugs in HTTPS servers. This setting configures the version at which this
fallback process will stop. If a server performs version negotiation correctly (
i.e. without breaking the connection) then this setting doesn't apply. Regardles
s, the resulting connection must still comply with SSLVersionMin. | 7751 When a TLS handshake fails, <ph name="PRODUCT_NAME">$1<ex>Google Chrome</e
x></ph> will retry the connection with a lesser version of TLS in order to work
around bugs in HTTPS servers. This setting configures the version at which this
fallback process will stop. If a server performs version negotiation correctly (
i.e. without breaking the connection) then this setting doesn't apply. Regardles
s, the resulting connection must still comply with SSLVersionMin. |
7752 | 7752 |
7753 If this policy is not configured then <ph name="PRODUCT_NAME">$1<ex>Google
Chrome</ex></ph> uses a default minimum version which is TLS 1.0 in <ph name="P
RODUCT_NAME">$1<ex>Google Chrome</ex></ph> 44 and TLS 1.1 in later versions. Not
e this does not disable support for TLS 1.0, only whether <ph name="PRODUCT_NAME
">$1<ex>Google Chrome</ex></ph> will work around buggy servers which cannot nego
tiate versions correctly. | 7753 If this policy is not configured then <ph name="PRODUCT_NAME">$1<ex>Google
Chrome</ex></ph> uses a default minimum version which is TLS 1.0 in <ph name="P
RODUCT_NAME">$1<ex>Google Chrome</ex></ph> 44 and TLS 1.1 in later versions. Not
e this does not disable support for TLS 1.0, only whether <ph name="PRODUCT_NAME
">$1<ex>Google Chrome</ex></ph> will work around buggy servers which cannot nego
tiate versions correctly. |
7754 | 7754 |
7755 Otherwise it may be set to one of the following values: "tls1", "tls1.1" o
r "tls1.2". If compatibility with a buggy server must be maintained, this may be
set to "tls1". This is a stopgap measure and the server should be rapidly fixed
. | 7755 Otherwise it may be set to one of the following values: "tls1", "tls1.1" o
r "tls1.2". If compatibility with a buggy server must be maintained, this may be
set to "tls1". This is a stopgap measure and the server should be rapidly fixed
. |
7756 | 7756 |
7757 A setting of "tls1.2" disables all fallback but this may have a significan
t compatibility impact.''', | 7757 A setting of "tls1.2" disables all fallback but this may have a significan
t compatibility impact.''', |
7758 }, | 7758 }, |
7759 { | 7759 { |
| 7760 'name': 'RC4Enabled', |
| 7761 'type': 'main', |
| 7762 'schema': { |
| 7763 'type': 'boolean', |
| 7764 }, |
| 7765 'supported_on': [ |
| 7766 'chrome.*:48-52', |
| 7767 'chrome_os:48-52', |
| 7768 'android:48-52', |
| 7769 'ios:48-52', |
| 7770 ], |
| 7771 'features': { |
| 7772 'dynamic_refresh': True, |
| 7773 'per_profile': False, |
| 7774 }, |
| 7775 'example_value': False, |
| 7776 'id': 310, |
| 7777 'caption': '''Whether RC4 cipher suites in TLS are enabled''', |
| 7778 'tags': ['system-security'], |
| 7779 'desc': '''Warning: RC4 will be completely removed from <ph name="PRODUCT_
NAME">$1<ex>Google Chrome</ex></ph> after version 52 (around September 2016) and
this policy will stop working then. |
| 7780 |
| 7781 If the policy is not set, or is set to false, then RC4 cipher suites in TL
S will not be enabled. Otherwise it may be set to true to retain compatibility w
ith an outdated server. This is a stopgap measure and the server should be recon
figured.''', |
| 7782 }, |
| 7783 { |
7760 'name': 'ContextualSearchEnabled', | 7784 'name': 'ContextualSearchEnabled', |
7761 'type': 'main', | 7785 'type': 'main', |
7762 'schema': { 'type': 'boolean' }, | 7786 'schema': { 'type': 'boolean' }, |
7763 'supported_on': [ | 7787 'supported_on': [ |
7764 'android:40-', | 7788 'android:40-', |
7765 ], | 7789 ], |
7766 'features': { | 7790 'features': { |
7767 'dynamic_refresh': True, | 7791 'dynamic_refresh': True, |
7768 'per_profile': True, | 7792 'per_profile': True, |
7769 }, | 7793 }, |
(...skipping 324 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
8094 'desc': '''Text appended in parentheses next to the policies top-level con
tainer to indicate that those policies are of the Recommended level''', | 8118 'desc': '''Text appended in parentheses next to the policies top-level con
tainer to indicate that those policies are of the Recommended level''', |
8095 'text': 'Default Settings (users can override)', | 8119 'text': 'Default Settings (users can override)', |
8096 }, | 8120 }, |
8097 'doc_complex_policies_on_windows': { | 8121 'doc_complex_policies_on_windows': { |
8098 'desc': '''Text pointing the user to a help article for complex policies o
n Windows''', | 8122 'desc': '''Text pointing the user to a help article for complex policies o
n Windows''', |
8099 'text': '''encoded as a JSON string, for details see <ph name="COMPLEX_POL
ICIES_URL">https://www.chromium.org/administrators/complex-policies-on-windows<e
x>https://www.chromium.org/administrators/complex-policies-on-windows</ex></ph>'
'', | 8123 'text': '''encoded as a JSON string, for details see <ph name="COMPLEX_POL
ICIES_URL">https://www.chromium.org/administrators/complex-policies-on-windows<e
x>https://www.chromium.org/administrators/complex-policies-on-windows</ex></ph>'
'', |
8100 }, | 8124 }, |
8101 }, | 8125 }, |
8102 'placeholders': [], | 8126 'placeholders': [], |
8103 } | 8127 } |
OLD | NEW |