Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
HTTP Allowlist
Supported versions
- On Windows and macOS since 123 or later
Description
Setting the policy specifies a list of hostnames or hostname patterns (such as '[*.]example.com') that won't be upgraded to HTTPS. Organizations can use this policy to maintain access to servers that don't support HTTPS, without needing to disable HttpsUpgradesEnabled.
Supplied hostnames must be canonicalized: Any IDNs must be converted to their A-label format, and all ASCII letters must be lowercase.
Blanket host wildcards (that is, "" or "[]") aren't allowed. Instead, HTTPS-First Mode and HTTPS Upgrades should be explicitly disabled via their specific policies.
Note: This policy doesn't apply to HSTS upgrades.
Supported features
- Can be mandatory: Yes
- Can be recommended: No
- Dynamic Policy Refresh: Yes
- Per Profile: Yes
- Applies to a profile that is signed in with a Microsoft account: Yes
Data type
- List of strings
Windows information and settings
Group Policy (ADMX) info
- GP unique name: HttpAllowlist
- GP name: HTTP Allowlist
- GP path (Mandatory): Administrative Templates/Microsoft Edge
- GP path (Recommended): N/A
- GP ADMX file name: MSEdge.admx
Example value
testserver.example.com
[*.]example.org
Registry settings
- Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge\HttpAllowlist
- Path (Recommended): N/A
- Value name: 1, 2, 3, ...
- Value type: List of REG_SZ
Example registry value
SOFTWARE\Policies\Microsoft\Edge\HttpAllowlist\1 =
testserver.example.com
SOFTWARE\Policies\Microsoft\Edge\HttpAllowlist\2 =
[*.]example.org
Mac information and settings
- Preference Key name: HttpAllowlist
- Example value:
<array>
<string>testserver.example.com</string>
<string>[*.]example.org</string>
</array>