New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 638792 link

Starred by 2 users
Status: Untriaged
Owner: ----
Cc:
pastarmovj@chromium.org
raymes@chromium.org
wfh@chromium.org
georgesak@chromium.org
blumberg@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 2
Type: Bug



Sign in to add a comment

Can not override site-wide plugging setting with "Block"

Project Member Reported by omoikane@google.com, Aug 18 2016 
UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36

Steps to reproduce the problem:
1. Set enterprise setting to add plugin exception for a particular site, such as bbc.com, and make plugin "always allowed to run".
2. Have user try to override this setting, blocking all plugins for the same site.
3. Observe that the plugins run anyways.

What is the expected behavior?
If site-wide setting is ALLOW but user override is BLOCK, the interpretation should be the least permissive of the two, i.e. BLOCK, and plugins should not run.

What went wrong?
Plugin runs unexpectedly.

Did this work before? N/A 

Chrome version: 52.0.2743.116  Channel: stable
OS Version: 
Flash Version: Shockwave Flash 22.0 r0

This is the opposite  issue 616218 : in the other bug, it's undesirable for override a policy of ASK with a user setting of ALLOW.  In this bug, the user wants to override a policy of ALLOW with a user setting of ASK or BLOCK, to stop random plugins from running.

Attached is a screenshot of the conflicting plugin setting, where I expected the less permissive of the two settings to take effect, but it seems that the site-wide setting always takes effect.
Project Member

Comment 1 by sheriffbot@chromium.org, Aug 18 2016

Labels: Hotlist-Google

Comment 2 by pastarmovj@chromium.org, Aug 18 2016

Cc: saswat@chromium.org georgesak@chromium.org blumberg@chromium.org pastarmovj@chromium.org wfh@chromium.org
Labels: Enterprise-Triaged
Status: Untriaged (was: Unconfirmed)
I am not sure this is the wanted behavior. Policies does not necessary mean restrictions in the sense of limiting capabilities, but might also mean enforcing capabilities. So if an admin believes running plugins on a page is necessary the user's choice should not be allowed to override this.

Adding some more people to chime in on that too.

Comment 3 by pastarmovj@chromium.org, Aug 18 2016 

I don't know how the restrict-view-google label happened to be implied but I also don't see how to remove it since I don't see any reason for it.

Comment 4 by lgar...@chromium.org, Aug 18 2016

Labels: allpublic
It's because you filed a bug using an @google.com address with a screenshot.
You need the magic label `allpublic`.

Comment 5 by lgar...@chromium.org, Aug 18 2016

Cc: lshang@chromium.org
+Liu, who has been working on content exceptions for Enamel.

Comment 6 by lshang@chromium.org, Aug 19 2016

Cc: raymes@chromium.org
From general content settings perspective, policy settings always override users settings, not just for plugins, also for other types like notifications, cookies...

Comment 7 by saswat@chromium.org, Nov 10 2016

Cc: -saswat@chromium.org

Comment 8 by lshang@chromium.org, Dec 5 2016

Cc: -lshang@chromium.org

Sign in to add a comment