Share via


URLAllowlist

Define a list of allowed URLs

Supported versions

  • On Windows and macOS since 77 or later
  • On Android since 30 or later
  • On iOS since 85 or later

Description

Setting the policy provides access to the listed URLs, as exceptions to URLBlocklist.

Format the URL pattern according to https://go.microsoft.com/fwlink/?linkid=2095322.

You can use this policy to open exceptions to restrictive block lists. For example, you can include '*' in the block list to block all requests, and then use this policy to allow access to a limited list of URLs. You can use this policy to open exceptions to certain schemes, subdomains of other domains, ports, or specific paths.

The most specific filter determines if a URL is blocked or allowed. The allowed list takes precedence over the block list.

This policy is limited to 1000 entries; subsequent entries are ignored.

This policy also allows the browser to automatically invoke external applications registered as protocol handlers for protocols like "tel:" or "ssh:".

If you don't configure this policy, there are no exceptions to the block list in the URLBlocklist policy.

This policy does not work as expected with file://* wildcards.

Supported features

  • Can be mandatory: Yes
  • Can be recommended: No
  • Dynamic Policy Refresh: Yes
  • Per Profile: Yes
  • Applies to a profile that is signed in with a Microsoft account: No

Data type

  • List of strings

Windows information and settings

Group Policy (ADMX) info

  • GP unique name: URLAllowlist
  • GP name: Define a list of allowed URLs
  • GP path (Mandatory): Administrative Templates/Microsoft Edge
  • GP path (Recommended): N/A
  • GP ADMX file name: MSEdge.admx

Example value

contoso.com
https://ssl.server.com
hosting.com/good_path
https://server:8080/path
.exact.hostname.com

Registry settings

  • Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge\URLAllowlist
  • Path (Recommended): N/A
  • Value name: 1, 2, 3, ...
  • Value type: List of REG_SZ

Example registry value

SOFTWARE\Policies\Microsoft\Edge\URLAllowlist\1 =

contoso.com

SOFTWARE\Policies\Microsoft\Edge\URLAllowlist\2 =

https://ssl.server.com

SOFTWARE\Policies\Microsoft\Edge\URLAllowlist\3 =

hosting.com/good_path

SOFTWARE\Policies\Microsoft\Edge\URLAllowlist\4 =

https://server:8080/path

SOFTWARE\Policies\Microsoft\Edge\URLAllowlist\5 =

.exact.hostname.com

Mac information and settings

  • Preference Key name: URLAllowlist
  • Example value:
<array>
  <string>contoso.com</string>
  <string>https://ssl.server.com</string>
  <string>hosting.com/good_path</string>
  <string>https://server:8080/path</string>
  <string>.exact.hostname.com</string>
</array>

Android information and settings

  • Preference Key name: URLAllowlist
  • Example value:
["contoso.com", "https://ssl.server.com", "hosting.com/good_path", "https://server:8080/path", ".exact.hostname.com"]

iOS information and settings

  • Preference Key name: URLAllowlist
  • Example value:
<array>
  <string>contoso.com</string>
  <string>https://ssl.server.com</string>
  <string>hosting.com/good_path</string>
  <string>https://server:8080/path</string>
  <string>.exact.hostname.com</string>
</array>

See also