Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
HTTP Allowlist
Supported versions
- On Windows and macOS since 123 or later
Description
Setting the policy specifies a list of hostnames or hostname patterns (such as '[*.]example.com') that will not be upgraded to HTTPS. Organizations can use this policy to maintain access to servers that do not support HTTPS, without needing to disable AutomaticHttpsDefault or HttpsUpgradesEnabled.
Supplied hostnames must be canonicalized: Any IDNs must be converted to their A-label format, and all ASCII letters must be lowercase.
Blanket host wildcards (i.e., "" or "[]") are not allowed. Instead, HTTPS-First Mode and HTTPS Upgrades should be explicitly disabled via their specific policies.
Note: This policy does not apply to HSTS upgrades.
Supported features
- Can be mandatory: Yes
- Can be recommended: No
- Dynamic Policy Refresh: Yes
- Per Profile: Yes
- Applies to a profile that is signed in with a Microsoft account: Yes
Data type
- List of strings
Windows information and settings
Group Policy (ADMX) info
- GP unique name: HttpAllowlist
- GP name: HTTP Allowlist
- GP path (Mandatory): Administrative Templates/Microsoft Edge
- GP path (Recommended): N/A
- GP ADMX file name: MSEdge.admx
Example value
testserver.example.com
[*.]example.org
Registry settings
- Path (Mandatory): SOFTWARE\Policies\Microsoft\Edge\HttpAllowlist
- Path (Recommended): N/A
- Value name: 1, 2, 3, ...
- Value type: List of REG_SZ
Example registry value
SOFTWARE\Policies\Microsoft\Edge\HttpAllowlist\1 =
testserver.example.com
SOFTWARE\Policies\Microsoft\Edge\HttpAllowlist\2 =
[*.]example.org
Mac information and settings
- Preference Key name: HttpAllowlist
- Example value:
<array>
<string>testserver.example.com</string>
<string>[*.]example.org</string>
</array>