To my knowledge, Brave has only a small number of documented group policy settings.
The documented options are useful for cleaning up some of the bloat, and disabling some undesirable things, but they fall well short of the high degree of granular control Firefox, and (iirc) Chromium offer.
I’m trying, to improve my personal settings template for Brave, here are some of the undocumented settings I’d like to add:
Shields should default to “Aggressively block ads and trackers”
Forgetful browsing should default to on
Cookie exceptions should be able to be listed and enabled by default
New Tab Page ads should be disabled by default
Brave search ads should be disabled by default
Custom blocklists should be able to be listed and enabled by default
Does anyone know whether policy settings need to be explicitly created by the browser maintainer, or whether each browser setting has a corresponding policy?
I think this would be too difficult for anyone here to say for sure. If I was you I’d git clone the Brave browser repo and have an LLM scan it to understand how certain features are enabled/disabled.
I did a cursory check last week and didn’t see any.
(the easy way is just to go to about:policy and check the box to show unset options)
I suspect it doesn’t see much adoption in the enterprise environment and they also don’t want users to use policies to bypass their newly added (/soon to be added?) subscription option.
you can just set it to about:blank
the chromium repo is probably one of the largest public monorepos in the world
although I think some of brave extras are split to their own repo, but github is down right now lol
You may (or may not be) right. But at least a few of our members are fairly knowledgeable about Chromium and group policies broadly, and a few maintain policy templates of their own for Chromium and/or Brave.
I’m hoping some of these people might have some suggestions or insight to share. I’m sure I’m not the first to encounter this frustration with Brave’s under documented policy settings.
I’m aware of this page for Brave specific settings, and this page for general Chromium settings.
As to AI, the Chromium codebase that Brave builds on (not including Brave’s own modifications) is roughly ~40 million lines of code iirc. I don’t think any LLM I have access to would be even remotely capable of analyzing something that size (though I could be wrong, or there could be a better more targeted way).
You are one of the people I was hoping to hear from. Thanks for chiming in.
I suspect it doesn’t see much adoption in the enterprise environment and they also don’t want users to use policies to bypass their newly added subscription option.
Yeah, I think Brave doesn’t really have any/many corporate users, and also doesn’t have a very big DIY minded userbase, so probably not a lot of attention given to policies.
Also, I don’t think it’s coincidence that some of the things they chose not to document are how to disable their own ads via policy.
But it kind of surprises me that flagship features (shields, forgetful browsing, etc) that Brave is proud of are not better documented.
What exactly are you talking about? Which subscription?
Note that this thread is a continuation of Debloat chromium browsers with policies xe3 and I have were discussing disabling a bunch of Brave AI, web3, etc… stuff there. Is there a Brave subscription somewhere that’s not covered by current Brave group policy stuff?
I think I’ve confirmed there are at least some Brave specific policy settings. Unfortunately, that Brave does not mention in their docs, unfortunately not the settings I was looking for though.
I came across this page in the brave-core repo. It looks like it might explain how to create new policies, but it went well over my head (at least on first read), and sounds like it might require building from source. Maybe someone, more knowledgeable than myself will find it useful.
From that, I found a seemingly useful subdirectory that appears to enumerate and define the existing Brave specific group policies.
So far, I’ve tested:
DefaultBraveFingerprintingV2Setting
DefaultBraveAdblockSetting
DefaultBraveHttpsUpgradeSetting
BraveGlobalPrivacyControlEnabled
IPFSEnabled
Of the 4 I tested, only the 1st one seems to work currently, the others show errors in brave://policy
After a bit of research, it looks like the 2nd, 3rd, and 4th failed because they are not yet implemented (will be implemented in version 1.86) and the 5th has already been deprecated.
It appears some of the other undocumented settings in that subdirectory are pre-requisites for an upcoming “Adblock Only Mode” which sounds like it will be a mode (probably intended for enterprise customers) which disables the privacy features of Brave Shields (e.g. disables anti-fingerprinting protection, and some other anti-tracking features) but keeps the adblocker.
I think that policy_definitions page is a note to Brave developers on how to properly add new group policy definitions so they stay organized.
This all got me thinking. Why isn’t there some LibreBrave fork that flips a few booleans around like the group policy ones here to disable all of web3, AI, wallet, etc… I can’t image it would be too hard to automatically apply the defaults as recommended by PG either. There could be another server listening for latest Brave releases on gh to re-sync the fork and to create an automated release right away.
If any of you are using the "BraveSpeedreaderDisabled": false, option, can you check brave://policy/ for me and let me know whether you see an error or not. I see an error on my end.
Also, for those of you disabling speedreader, what is the reason? Is it a privacy concern or something else?
You misspelled it. It’s called BraveSpeedreaderEnabled and I’m not getting any errors. I previously linked my policy list here and I have this one disabled as I have no need for that feature and prefer software minimalism.
I set up a Brave policy for my client’s Linux systems some time ago. Even though it’s for Linux, the options should be the same for Windows.
I don’t remember how many options I had, but I’d built up a few from asking questions in the Brave forums. I’ll note them when I’m at work next week and reply here.
As noted in this thread, about:policy should show you available options.
I’d be very disappointed if I had to remove Brave if they started charging to use such policy options. My client will not tolerate cryptocurrency transactions on their networks and if they had to pay for a Browser would be much quicker to get Enterprise Chrome, given they already have an account with Google and trust that vendor. I advocated for Brave in an attempt to improve browsing privacy.
Here is my list of Brave policies. It seems that some of them were previously unavailable online and they are the result of my research: there seem to be undocumented/hidden policies, and I had to deduce and test combinations to find them. Perhaps their names are hidden in some Brave files on GitHub, but I didn’t have the motivation to search there.
I believe that policies are an interesting topic and that we need to take ownership of them, and I’m glad that this subject seems to interest others besides myself. It’s a great way to create a “de-Braved Brave,” without the constraints of a fork and to save time.
Feel free to share your observations with me. If you’re interested in my list of choices in Windows or Linux format, just let me know.
I’m not positive, but I believe that many/most of those settings are generic Chromium/Chrome settings.
From your list, these are the one's I'm certain are Brave specific: (Click to Expand)
BraveAIChatEnabled
BraveDeAmpEnabled
BraveDebouncingEnabled
BraveP3AEnabled
BravePlaylistEnabled
BraveReduceLanguageEnabled
BraveRewardsDisabled
BraveStatsPingEnabled
BraveTalkDisabled
BraveVPNDisabled
BraveWalletDisabled
BraveWebDiscoveryEnabled
TorDisabled
Of the remaining settings, do you know if any of these remaining settings are Brave specific settings?
I might be mistaken but at first glance, most of these look to be general Chromium or Chrome policy settings. I imagine some of these (e.g. autofill, https only mode, etc) will be useful for Brave, and other's won't be relevant (e.g. Gemini, maybe the PrivacySandbox stuff): (Click to Expand)
As for the AI/generic features, I disabled it for safety in case Brave adopts some policy names from Chrome (like “AIModeSettings“). My idea was to enforce certain behaviors of the browser.
Seems like a reasonable approach, and probably can’t hurt (and I know various other’s maintaining their own lists take a similar approach of including iall of the policy settings they’d use with Chrome or Chromium ‘just in case’).
Personally I’m trying to take the opposite approach, starting with a minimalist list of settings that I understand. And only adding settings when I understand what they do, and know they are relevant to Brave. That does currently include a few Chromium settings, and I’ll probably add more with time, as I learn what is and isn’t relevant. So far I’m just using:
But I see a few other’s on your list, that I’ll be investigating (webHID, webUSB, maybe the safe browsing and the webrtc stuff, though I believe Brave’s defaults are already reasonable there).
I think we should suggest something in Site Development to indicate to PG readers that there is an Arkenfox-like method possible on Brave. Wondering what people’s thoughts are. I never knew that group policies existed, so I’m sure there are lots of others like me who were also similarly in the dark and would consequently benefit from learning about this.
After that, it would just be a matter of finding and suggesting a definitive group policy list. I’m not aware of any right now as I’ve just found this out, but I’m sure those who are familiar with this like yourself or @anon63378639 can hash out and debate on which would be an Arkenfox-like “definitive” list to give to the masses.
If worst comes to shove, PG could just list their own policies to accord with their current recommended configuration. (That is, if it’s possible? I’m still catching up on the threads, but from what I gather right now, some options unavailable to be turned into policies?)
But just to be clear, in my experience so far, what Brave offers is far more limited compared to the equivalent in Firefox or the approach used by Arkenfox.
Afaik, Brave has only made a small handful (~15) of their settings configurable this way. There are a lot of Brave specific features that can’t be managed this way and would still need to be configured manually in the GUI.
That said, it’s still useful and convenient, and a step in the right direction. I hope they will make all of their settings configurable this way, but it seems so far that they are only adding the options that make Brave more palatable to enterprise customers, not necessarily intending to offer full fledged configuration via policy.
That was more or less my intent, but that is unfortunately not currently possible. But Brave has not made most of the necessary settings configurable via policy settings. Which largely undermines the purpose and convenience of managing settings via policy.
Silver lining is that because there are such a small number of Brave specific settings that can be configured by policy, you don’t really need to rely on anyone else to maintain a list, you can pretty easily put together your own if you want.
I address this in the thread and I completely agree with you. It’s unfortunate how limited it is right now. Although, I think non-Brave chromium policies is extensive enough, at least from a lay perspective after seeing @anon63378639’s policy.
Some niche usecases I considered are cross-profile settings management and settings exporting.
Hello again, I’m not sure if I’m adding much at this point, as people have already noted that most Brave policy has the word “Brave” in it and is typically poorly documented (if at all!), but I was meaning to post this…
I’d suggest you follow the Google documentation to implement a trivial option first. The vast majority (99%) of policy options available in Chrome are available in Brave.
Navigate to about://policy in Brave, which will redirect to brave://policy.
Click “Show policies with no value set”
After you have set any Enterprise policy options, click the arrows on the “Status” field to sort by that field so that any in Error are the the top. If you have some in Error typically they are the wrong syntax or invalid options. So far this is Chrom(ium) enterprise policy.
Most Brave options come from Chromium, and the Policy name field will link to Google’s excellent documentation.
Those options which cannot be resolved (such as the few in my example code block below), are specific to Brave. Sadly Brave doesn’t document them as well as Google for Chrome but they do provide this: https://support.brave.app/hc/en-us/articles/360039248271-Group-Policy which lists the options available today.
These examples use the Linux JSON format, you’ll have to convert them to the Windows format. Note that typically the booleans use “true” or “false” not “0”, “1” even if Brave documentation says otherwise (from trial and error, it is wrong! A bug has been raised in Github)