Chrome extension can be accessed and installed even after adding the URL to block
search cancel

Chrome extension can be accessed and installed even after adding the URL to block

book

Article ID: 250061

calendar_today

Updated On:

Products

Cloud Secure Web Gateway - Cloud SWG

Issue/Introduction

Company requires to block certain chrome extensions. As an example, Free VPN for Chrome extension (https://chrome.google.com/webstore/detail/free-vpn-for-chrome-vpn-p/majdfhpaihoncoakbjgbdhglocklcgno) needs to be blocked.

URL https://chrome.google.com/webstore/detail/free-vpn-for-chrome-vpn-p/majdfhpaihoncoakbjgbdhglocklcgno is added to the block rule.

However, the URL is not blocked when chrome extension webstore (https://chrome.google.com/webstore/category/extensions) is accessed first, then the chrome extension is searched and accessed from the webstore.

URL is blocked however, if the same page is refreshed or if chrome extension URL (https://chrome.google.com/webstore/detail/free-vpn-for-chrome-vpn-p/majdfhpaihoncoakbjgbdhglocklcgno) is entered directly.

 

Environment

Cloud Secure Web Gateway (Cloud SWG - formerly WSS) UPE configuration (policies managed by Management Center)

Cause

This cause of issue is clearly seen checking the the developer tools (Obtain a HAR file) while going to chrome webstore.

When you open the chrome extension page from there, you can see that the URL doesn't load:

 

But if you refresh the page, it finally loads:

Resolution

In order to resolve the issue, you will need to configure a cpl rule to block the chrome extension id (majdfhpaihoncoakbjgbdhglocklcgno) in the url.regex rule. This way any existence of the extension id will be blocked:

<proxy>
url.regex="majdfhpaihoncoakbjgbdhglocklcgno" force_deny
Powered by Wolken Software