Enable CORS check mitigations in the new CORS implementation

Enable CORS check mitigations in the new CORS implementation, allowing Extensions to keep compatible behavior, and allowing Google Chrome to send specified headers without CORS checks.

If this list is set to empty, Google Chrome tries to run Extensions in compatible manners, and does not introduce API changes for Google Chrome 79 as explained at https://developer.chrome.com/extensions/webRequest.

If this list is set to have HTTP request header names, CORS inspection will ignore the listed headers in addition to enable the mitigation for Extensions.

If this list is not set, both mitigations explained above are not applied.

For details on CORS, visit: https://www.chromestatus.com/feature/5768642492891136.

Note that this policy will be removed in Google Chrome version 82.

Example value:

x-googapps-allowed-domains
youtube-restrict

Supported on: At least Microsoft Windows 7 or Windows Server 2008 family

Enable CORS check mitigations in the new CORS implementation

Registry HiveHKEY_LOCAL_MACHINE or HKEY_CURRENT_USER
Registry PathSoftware\Policies\Google\Chrome\CorsMitigationList
Value Name{number}
Value TypeREG_SZ
Default Value

chrome.admx

Administrative Templates (Computers)

Administrative Templates (Users)