Add new enterprise policy to control App-Bound encryption.
A new policy is added to control App-Bound encryption, which is
default enabled.
Because this policy might be disabled after data has been encrypted
using App-Bound encryption, this policy only controls whether or not
future data is encrypted with App-Bound, and existing data that
might have been encrypted remains available.
Once the policy is set to 'false' to disable App-Bound encryption
no further data will be encrypted using App-Bound encryption.
Tests are added to verify the behavior.
BUG=332570744
Change-Id: I77362edf6dc4ac29a5162c7ce78b82f3e70b0010
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5417396
Reviewed-by: Owen Min <[email protected]>
Reviewed-by: Scott Violet <[email protected]>
Commit-Queue: Will Harris <[email protected]>
Reviewed-by: Julian Pastarmov <[email protected]>
Cr-Commit-Position: refs/heads/main@{#1282094}
diff --git a/chrome/browser/prefs/browser_prefs.cc b/chrome/browser/prefs/browser_prefs.cc
index 6d22878..aefbe8d 100644
--- a/chrome/browser/prefs/browser_prefs.cc
+++ b/chrome/browser/prefs/browser_prefs.cc
@@ -1708,6 +1708,8 @@
registry->RegisterBooleanPref(prefs::kRendererAppContainerEnabled, true);
registry->RegisterBooleanPref(prefs::kBlockBrowserLegacyExtensionPoints,
true);
+ registry->RegisterBooleanPref(prefs::kApplicationBoundEncryptionEnabled,
+ true);
registry->RegisterBooleanPref(
policy::policy_prefs::kNativeWindowOcclusionEnabled, true);
MediaFoundationServiceMonitor::RegisterPrefs(registry);
