<- Chrome Settings Library

DirectSocketsPrivateNetworkAccessBlockedForUrls

Block private network access in the Direct Sockets API on these sites
Last updated October 31, 2024

The Direct Sockets API allows communication with arbitrary endpoints using TCP and UDP. Please see https://github.com/WICG/direct-sockets for details. Private network endpoints are those using IP addresses from private IP address space, which is defined in https://wicg.github.io/private-network-access/#ip-address-space-private. Setting the policy lets you list the URL patterns that specify which sites are blocked from accessing private network in the Direct Sockets API. Valid patterns are limited to Isolated Web Apps. Leaving the policy unset means DefaultDirectSocketsPrivateNetworkAccessSetting applies for all sites, if it's set. URL patterns must not conflict with DirectSocketsPrivateNetworkAccessAllowedForUrls. Neither policy takes precedence if a URL matches with both. For detailed information on valid url patterns, please see https://cloud.google.com/docs/chrome-enterprise/policies/url-patterns. * is not an accepted value for this policy. Note that this policy only applies if the origin is allowed to use the Direct Sockets API. Please consult DefaultDirectSocketsSetting, DirectSocketsAllowedForUrls and DirectSocketsBlockedForUrls for more details. This policy applies only to new connection attempts and doesn't invalidate existing connections.

Example value:

["isolated-app://aerugqztij5biqquuk3mfwpsaibuegaqcitgfchwuosuofdjabzqaaic"]

Features: