Hostname and any subdomain match (Referrer) Each exception is made up of a type and a value.
#Regexp download organizer zip
Empty if the file is not a zip file.Įach rule object optionally supports exceptions via the exceptions array. xls) and contains macros or Excel 4.0 macros.Īn array of all of the filenames contained within the zip file. True if the file is a binary office file (i.e.docm. If multiple inspection types are specified, all values must match for the rule to match. Additionally, rules can be configured to look for these properties in smugged files.
File Inspection (Optional)įor files which are created using HTML Smuggling, the extension can inspect them for certain properties. An audit or notify rule will only be used if no block rules are matched. If multiple rules are matched, the first block rule takes precedence. * If audit mode is chosen, but no alert config is present, the extension will revert back to block mode. (See exceptions for information on each filter type.) Action (Optional, default = block) Property name: hostname, basedomain, referrerhostname and referrerbasedomainĪllows taking action on downloads from specific domains. Be aware that you will need to double-escape any backslashes in your regex string so that the JSON remains valid. The pattern is tested against the whole file name, including extension. The fileNameRegex property allows you to filter for file names that match a given regex pattern. This property allows you to blanket ban these files which can't be inspected. via an email attachment) Since Chrome can't, by default, run content scripts in these local webpages, a rule which blocks files based on content inspection won't work for these files. This can be used, for example, to block all HTML Smuggled downloads which originate from a local webpage on the user's computer. When used in this way, the urlScheme filter can be used to block downloads based on their url protocol, e.g file, http, https etc. This property is intended to used in combination with an origin = Local filter. It's useful to help pinpoint which rule has triggered.
The ruleName property is simply an identifier which can be used in the alert config or message template fields. Server - The file is hosted via a web server.Local - The file was downloaded via javascript.The extensions to ban (Without the leading '.').The bannedExtensions property supports an array containing either: Note that Edge doesn't appear to display extension configuration settings, but they are actually still loaded. You can also manually reload the policies via the 'Reload Policies' button. For testing purposes, you may need to go to chrome://policy or edge://policy to check if the policy has been loaded. Note: It can take a while for Chrome to apply an updated policy. The JSON data should be minified before setting the registry value, for example by using this tool. "messageTemplate" : "Notification message" "type" : "hostname|basedomain|referrerhostname|referrerbasedomain|fileextensions", Fixed a bug which meant that the calculated SHA256 for base64-encoded data URIs could be incorrect.fileInspectionData now contains a new key, 'zipFileNames', which contains an array of all of the filenames contained within a.
Metadata support added for downloads initiated from inside an iFrame.Fixed an issue with the injected content-script which could result in the webpage behaving unexpectedly in a specific situation.Changes to how the referrer URL is inferred which will hopefully be more accurate.Implemented cleanup of session storage when it is no longer needed.Downloads smuggled via a document with a file:// origin, files downloaded from a web-server.) This allows metadata to be calculated in some situations which may otherwise not be possible. The extension can now retrieve file metadata using a native messaging host.Rules now support hostname, basedomain, referrerhostname and referrerbasedomain filters.For an in-depth description of HTML smuggling, please see the references below. It does this by using HTML5 APIs to provide a client-side download using javascript, without making a request to a webserver. HTML smuggling is essentially a technique for bypassing web-proxies / firewalls that perform content inspection on files downloaded from a server. It was created as a way to prevent HTML smuggling attacks, but it can also block downloads from webservers too. Download Blocker is a Google Chrome extension which blocks certain files from being downloaded, based on a number of different data / metadata properties.
0 kommentar(er)
