chrome/common/pref_names.cc - Issue 2030193004: Add a policy for disabling the stripping of PAC URLs.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: chrome/common/pref_names.cc

Issue 2030193004: Add a policy for disabling the stripping of PAC URLs. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Add better documentatiob Created 4 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: chrome/common/pref_names.cc

diff --git a/chrome/common/pref_names.cc b/chrome/common/pref_names.cc

index 840d96ffb03917351647c0fc78b16d2e162f05f1..49a60b2bdb5f5a0b7c96f2d4717b19689f0bffc0 100644

--- a/chrome/common/pref_names.cc

+++ b/chrome/common/pref_names.cc

@@ -2118,8 +2118,39 @@ const char kPartnerBookmarkMappings[] = "partnerbookmarks.mappings";

#endif

// Whether DNS Quick Check is disabled in proxy resolution.

+//

+// This is a performance optimization for WPAD (Web Proxy

+// Auto-Discovery) which places a 1 second timeout on resolving the

+// DNS for PAC script URLs.

+//

+// It is on by default, but can be disabled via the Policy option

+// "WPADQuickCheckEnbled". There is no other UI for changing this

+// preference.

+//

+// For instance, if the DNS resolution for 'wpad' takes longer than 1

+// second, auto-detection will give up and fallback to the next proxy

+// configuration (which could be manually configured proxy server

+// rules, or an implicit fallback to DIRECT connections).

const char kQuickCheckEnabled[] = "proxy.quick_check_enabled";

+// Whether PAC scripts are given a stripped https:// URL (enabled), or

+// the full URL for https:// (disabled).

+//

+// This is a security feature which is on by default, and prevents PAC

+// scripts (which may have been sourced in an untrusted manner) from

+// having access to data that is ordinarily protected by a TLS channel

+// (i.e. the path and query components of an https:// URL).

+//

+// This preference is not exposed in the UI, but is overridable using

+// a Policy (PacHttpsUrlStrippingEnabled), or using a commandline

+// flag --unsafe-pac-url.

+//

+// The ability to turn off this security feature is not intended to be

+// a long-lived feature, but rather an escape-hatch for enterprises

+// while rolling out the change to PAC.

+const char kPacHttpsUrlStrippingEnabled[] =

+ "proxy.pac_https_url_stripping_enabled";

// Whether Guest Mode is enabled within the browser.

const char kBrowserGuestModeEnabled[] = "profile.browser_guest_enabled";

« no previous file with comments | « chrome/common/pref_names.h ('k') | chrome/test/data/policy/policy_test_cases.json » ('j') | no next file with comments »