Allows you to set a list of protocols, and for each protocol an associated list of allowed origin patterns, that can launch an external application without prompting the user. The trailing separator should not be included when listing the protocol. For example, list "skype" instead of "skype:" or "skype://".
If you configure this policy, a protocol will only be permitted to launch an external application without prompting by policy if:
- the protocol is listed
- the origin of the site trying to launch the protocol matches one of the origin patterns in that protocol's allowed_origins list.
If either condition is false, the external protocol launch prompt will not be omitted by policy.
If you don't configure this policy, no protocols can launch without a prompt. Users can opt out of prompts on a per-protocol/per-site basis unless the 'ExternalProtocolDialogShowAlwaysOpenCheckbox' (Show an "Always open" checkbox in external protocol dialog) policy is set to Disabled. This policy has no impact on per-protocol/per-site prompt exemptions set by users.
The origin matching patterns use a similar format to those for the 'URLBlocklist' (Block access to a list of URLs) policy, which are documented at https://go.microsoft.com/fwlink/?linkid=2095322.
However, origin matching patterns for this policy cannot contain "/path" or "@query" elements. Any pattern that does contain a "/path" or "@query" element will be ignored.
|Registry Hive||HKEY_LOCAL_MACHINE or HKEY_CURRENT_USER|