DTBC-0065 - URLs must be allowlisted for Autoplay use.

Information

Controls the allowlist of URL patterns that autoplay will always be enabled on. If the 'AutoplayAllowed' policy is set to 'True' then this policy will have no effect. If the 'AutoplayAllowed' policy is set to 'False', then any URL patterns set in this policy will still be allowed to play.

Solution

Windows group policy:
1. Open the 'group policy editor' tool with gpedit.msc.
2. Navigate to Policy Path: Computer Configuration\Administrative Templates\Google\Google Chrome
- Policy Name: Allow media autoplay on a allowlist of URL patterns.
- Policy State: Enabled
- Policy Value 1: [*.]mil
- Policy Value 2: [*.]gov

Note: Policy values are examples.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Google_Chrome_V2R6_STIG.zip

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-18(4), CAT|II, CCI|CCI-001170, Rule-ID|SV-221596r820742_rule, STIG-ID|DTBC-0065, STIG-Legacy|SV-96303, STIG-Legacy|V-81589, Vuln-ID|V-221596

Plugin: Windows

Control ID: f42d3b6f536e573c09e4143e3c9848c2bca58e025e734036e7941f34d9b7503a