InformationThis policy setting configures whether websites can access the systems serial ports.
Available policy options:
BlockSerial (2) = Do not allow any site to request access to serial ports via the Serial API
AskSerial (3) = Allow sites to ask for user permission to access a serial port
Note: If more granular control is needed (per website) then this setting can be used in combination with the SerialAllowAllPortsForUrls (Allow the Serial API on specific sites), SerialAskForUrls and SerialBlockedForUrls (Block the Serial API on specific sites) settings. For example, SerialAllowAllPortsForUrls can be used to allow serial port access to specific sites. Please see the references below for more information.
The recommended state for this setting is Enable: Do not allow any site to request access to serial ports via the Serial API.
Preventing access to system serial ports may prevent malicious sites from using these ports and accessing attached devices.
Legitimate websites that need access to the Serial API will be denied access.
SolutionTo establish the recommended configuration via GP, set the following UI path to Enable: Do not allow any site to request access to serial ports via the Serial API:
Computer Configuration\Policies\Administrative Templates\Microsoft Edge\Control use of the Serial API
Note: This Group Policy path may not exist by default. It is provided by the Group Policy template MSEdge.admx/adml that can be downloaded from Microsoft here.
AskSerial (3) = Allow sites to ask for user permission to access a serial port (Websites can ask users whether they can access a serial port, and users can change this setting.)