dvaksvik@ Thanks for the issue.

From the above description, this is a feature request to remove many extensions through policy at once.
Hence marking this as Untriaged for further updates from Dev.

Thanks..

This doesn't sound unreasonable to me, though I might suggest that instead of introducing the ExtensionRemoveList, we just introduce a boolean for "remove blocklisted extensions".

This probably isn't something my team can get to in the near future, but cc'ing other folks that may be interested.

I agree a boolean "RemoveBlacklistedExtensions" seems sufficient.

Assigning to dskaram@ for prioritization.

I suspect we don't need a policy for this - is there any reason why we don't just auto-delete blacklisted extensions?

The are situations where an extension is blacklisted temporarily and it would be unfortunate to remove the extension (and all its local data).

What if we auto-delete blacklisted extensions 24 hours after being blacklisted. This way if something is accidentally blacklisted the admin has time to correct the issue without data loss.

> I suspect we don't need a policy for this - is there any reason why we don't just auto-delete blacklisted extensions?

Two reasons: The first is what nrpeter@ mentioned, where we blocklist an extension temporarily.  (This isn't accidental, though - we do this for e.g. security vulnerabilities found in extensions until they are patched, at which point we remove them from the blocklist.)  The second is that we've taken a stance that we don't want to delete potential user data that's stored in the extension without some kind of user consent.

The second point has been our practice for a long time, but I don't know if it's an absolute requirement (especially given that, for all practical purposes, it's rather difficult for a typical user to *recover* user data within an extension if the extension is blocklisted).  Depending, though, we may need to ask user consent before completely removing it.  This is a discussion I've been having with +jawag@, but we haven't come to a full conclusion.  We need to consult a few more folks, and potentially dig into some metrics.

We recently encountered the design feature,  "Extensions already installed will be disabled if blacklisted, without a way for the user to enable them. This leaves us with the only option to set Erase local user data or manually remove the profiles if you want to get rid of the Apps... ".  https://www.chromium.org/administrators/policy-list-3#ExtensionInstallBlacklist


We have hundreds of user devices and accounts so when blacklisting an app we would far rather have it removed than be left with dead links or having to remove the user's entire profile. I feel it would be beneficial to review this for future change.

please let me know if this is still a feasible request. Customer needs that feature to remove all extensions that are blacklisted

Introducing a boolean for "remove blocklisted extensions" sounds like a good approach to me (per Devlin's suggestion in #3)

Unfortunately, the extensions team doesn't have bandwidth to take this on in the near future. @goanuj, privard, do you think the enterprise team can pick this up?

Thanks for finding us a potential solution and your consideration of this being a priority at some point as I'm sure it would be useful to other organisations as well as ours.

Plus enterprise eng FYI.

Customer on case #17119916 wants to be notified directly when this request is implemented