To my knowledge, Brave has only a small number of documented group policy settings.
The documented options are useful for cleaning up some of the bloat, and disabling some undesirable things, but they fall well short of the high degree of granular control Firefox, and (iirc) Chromium offer.
I’m trying, to improve my personal settings template for Brave, here are some of the undocumented settings I’d like to add:
Shields should default to “Aggressively block ads and trackers”
Forgetful browsing should default to on
Cookie exceptions should be able to be listed and enabled by default
New Tab Page ads should be disabled by default
Brave search ads should be disabled by default
Custom blocklists should be able to be listed and enabled by default
Does anyone know whether policy settings need to be explicitly created by the browser maintainer, or whether each browser setting has a corresponding policy?
I think this would be too difficult for anyone here to say for sure. If I was you I’d git clone the Brave browser repo and have an LLM scan it to understand how certain features are enabled/disabled.
I did a cursory check last week and didn’t see any.
(the easy way is just to go to about:policy and check the box to show unset options)
I suspect it doesn’t see much adoption in the enterprise environment and they also don’t want users to use policies to bypass their newly added (/soon to be added?) subscription option.
you can just set it to about:blank
the chromium repo is probably one of the largest public monorepos in the world
although I think some of brave extras are split to their own repo, but github is down right now lol
You may (or may not be) right. But at least a few of our members are fairly knowledgeable about Chromium and group policies broadly, and a few maintain policy templates of their own for Chromium and/or Brave.
I’m hoping some of these people might have some suggestions or insight to share. I’m sure I’m not the first to encounter this frustration with Brave’s under documented policy settings.
I’m aware of this page for Brave specific settings, and this page for general Chromium settings.
As to AI, the Chromium codebase that Brave builds on (not including Brave’s own modifications) is roughly ~40 million lines of code iirc. I don’t think any LLM I have access to would be even remotely capable of analyzing something that size (though I could be wrong, or there could be a better more targeted way).
You are one of the people I was hoping to hear from. Thanks for chiming in.
I suspect it doesn’t see much adoption in the enterprise environment and they also don’t want users to use policies to bypass their newly added subscription option.
Yeah, I think Brave doesn’t really have any/many corporate users, and also doesn’t have a very big DIY minded userbase, so probably not a lot of attention given to policies.
Also, I don’t think it’s coincidence that some of the things they chose not to document are how to disable their own ads via policy.
But it kind of surprises me that flagship features (shields, forgetful browsing, etc) that Brave is proud of are not better documented.
What exactly are you talking about? Which subscription?
Note that this thread is a continuation of Debloat chromium browsers with policies xe3 and I have were discussing disabling a bunch of Brave AI, web3, etc… stuff there. Is there a Brave subscription somewhere that’s not covered by current Brave group policy stuff?
I think I’ve confirmed there are at least some Brave specific policy settings. Unfortunately, that Brave does not mention in their docs, unfortunately not the settings I was looking for though.
I came across this page in the brave-core repo. It looks like it might explain how to create new policies, but it went well over my head (at least on first read), and sounds like it might require building from source. Maybe someone, more knowledgeable than myself will find it useful.
From that, I found a seemingly useful subdirectory that appears to enumerate and define the existing Brave specific group policies.
So far, I’ve tested:
DefaultBraveFingerprintingV2Setting
DefaultBraveAdblockSetting
DefaultBraveHttpsUpgradeSetting
BraveGlobalPrivacyControlEnabled
IPFSEnabled
Of the 4 I tested, only the 1st one seems to work currently, the others show errors in brave://policy
After a bit of research, it looks like the 2nd, 3rd, and 4th failed because they are not yet implemented (will be implemented in version 1.86) and the 5th has already been deprecated.
It appears some of the other undocumented settings in that subdirectory are pre-requisites for an upcoming “Adblock Only Mode” which sounds like it will be a mode (probably intended for enterprise customers) which disables the privacy features of Brave Shields (e.g. disables anti-fingerprinting protection, and some other anti-tracking features) but keeps the adblocker.
I think that policy_definitions page is a note to Brave developers on how to properly add new group policy definitions so they stay organized.
This all got me thinking. Why isn’t there some LibreBrave fork that flips a few booleans around like the group policy ones here to disable all of web3, AI, wallet, etc… I can’t image it would be too hard to automatically apply the defaults as recommended by PG either. There could be another server listening for latest Brave releases on gh to re-sync the fork and to create an automated release right away.