Instinctive

Get started with Instinctive

Sign in with a Google administrator account to get started

Get started with Instinctive

Sign in with a Google administrator account to get started

Upgrade to Instinctive District for this feature

Audit & fix Chrome settings to keep users safe & devices secure

Compare and sync settings across OUs or historical exports. Import settings to copy from one OU to another.

Unlimited search history

Batch actions (max. 250 items at a time)

Custom CSV exports for record-keeping

Hand Raise extension
<- Chrome Settings Library

OverrideSecurityRestrictionsOnInsecureOrigin

Origins or hostname patterns for which restrictions on insecure origins should not apply
Last updated October 8, 2024
Edit in Google Admin Console

Setting the policy specifies a list of origins (URLs) or hostname patterns (such as *.example.com) for which security restrictions on insecure origins won't apply. Organizations can specify origins for legacy applications that can't deploy TLS or set up a staging server for internal web development, so developers can test out features requiring secure contexts without having to deploy TLS on the staging server. This policy also prevents the origin from being labeled "Not Secure" in the address bar. Setting a list of URLs in this policy amounts to setting the command-line flag --unsafely-treat-insecure-origin-as-secure to a comma-separated list of the same URLs. The policy overrides the command-line flag and UnsafelyTreatInsecureOriginAsSecure, if present. For more information on secure contexts, see Secure Contexts ( https://www.w3.org/TR/secure-contexts ).

Supported On:
Platform Start End
Android 69
Chrome (Windows, Mac, Linux) 69
ChromeOS 69
Example value:

{"0":"http://testserver.example.com/","1":"*.example.org"}

Features: