Setting the policy prevents webpages with prohibited URLs from loading. It provides a list of URL patterns that specify forbidden URLs. Leaving the policy unset means no URLs are prohibited in the browser. Format the URL pattern according to this format ( https://www.chromium.org/administrators/url-blocklist-filter-format ). Up to 1,000 exceptions can be defined in URLAllowlist.
From Google Chrome version 73, you can block javascript://* URLs. However, it affects only JavaScript entered in the address bar (or, for example, bookmarklets). In-page JavaScript URLs with dynamically loaded data aren't subject to this policy. For example, if you block example.com/abc, then example.com can still load example.com/abc using XMLHTTPRequest.
From Google Chrome version 92, this policy is also supported in the headless mode.
Note: Blocking internal chrome://* URLs can lead to unexpected errors.
Example value:
example.com
https://ssl.server.com
hosting.com/bad_path
https://server:8080/path
.exact.hostname.com
file://*
custom_scheme:*
*
Registry Hive | HKEY_LOCAL_MACHINE or HKEY_CURRENT_USER |
Registry Path | Software\Policies\Google\Chrome\URLBlocklist |
Value Name | {number} |
Value Type | REG_SZ |
Default Value |