UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

URLs must be whitelisted for plugin use if used.


Overview

Finding ID Version Rule ID IA Controls Severity
V-235753 EDGE-00-000039 SV-235753r879751_rule Low
Description
Define a list of sites, based on URL patterns that can open pop-up windows.
STIG Date
Microsoft Edge Security Technical Implementation Guide 2024-02-13

Details

Check Text ( C-38972r862951_chk )
This requirement for "Allow pop-up windows on specific sites" is not required; this is optional.

The policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Content settings/Allow pop-up windows on specific sites" must be set to "Enabled".

Use the Windows Registry Editor to navigate to the following key:
HKLM\SOFTWARE\Policies\Microsoft\Edge

"PopupsAllowedForUrls" must be set as follows:
HKLM\SOFTWARE\Policies\Microsoft\Edge\PopupsAllowedForUrls\1 = mydomain.com
HKLM\SOFTWARE\Policies\Microsoft\Edge\PopupsAllowedForUrls\2 = myagency.mil

If configured, the list of domains for which Microsoft Edge allows pop-ups may be allowlisted.
Fix Text (F-38935r766856_fix)
Set the policy value for "Computer Configuration/Administrative Templates/Microsoft Edge/Content settings/Allow pop-up windows on specific sites" to "Enabled". A list of allowlisted URLs may be specified here.