ControlledFrameAllowedForUrls

The Controlled Frame API, available to certain isolated contexts such as Isolated Web Apps (IWAs), allows an app to embed and manipulate arbitrary content. Please see https://github.com/WICG/controlled-frame for details. Setting the policy lets you list the URL patterns that specify which sites are allowed to use the Controlled Frame API. Valid patterns are limited to Isolated Web Apps. Leaving the policy unset means DefaultControlledFrameSetting applies for all sites, if it's set. URL patterns must not conflict with ControlledFrameBlockedForUrls. Neither policy takes precedence if a URL matches with both. For detailed information on valid url patterns, please see https://cloud.google.com/docs/chrome-enterprise/policies/url-patterns. * is not an accepted value for this policy.