URLs must be whitelisted for plugin use

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-52795	DTBC-0051	SV-67011r1_rule		Medium

Description
None

STIG	Date
Google Chrome Current Windows STIG	2014-07-08

Details

Check Text ( C-54515r1_chk )
Universal method: 1. In the omnibox (address bar) type chrome://policy 2. If PluginsAllowedForUrls is not displayed under the Policy Name column or it is not set to a list of administrator approved URLs under the Policy Value column, then this is a finding. Windows method: 1. Start regedit 2. Navigate to HKLM\Software\Policies\Google\Chrome\ 3. If the PluginsAllowedForUrls key does not exist and it does not contain a list of administrator approved URLs then this is a finding. Suggested: the set or subset of .mil and .gov

Check Text ( C-54515r1_chk )

Universal method:
1. In the omnibox (address bar) type chrome://policy
2. If PluginsAllowedForUrls is not displayed under the Policy Name column or it is not set to a list of administrator approved URLs under the Policy Value column, then this is a finding.

Windows method:
1. Start regedit
2. Navigate to HKLM\Software\Policies\Google\Chrome\
3. If the PluginsAllowedForUrls key does not exist and it does not contain a list of administrator approved URLs then this is a finding.

Suggested: the set or subset of *.mil and *.gov

Fix Text (F-57613r1_fix)
Windows group policy: 1. Open the group policy editor tool with gpedit.msc 2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Google\Google Chrome\Content Settings Policy Name: Allow plugins on these sites Policy State: Enabled Policy Value 1: .mil Policy Value 2: .gov