FriendlyURLs must be disabled.
An XCCDF Rule
Description
<VulnDiscussion>If FriendlyURLs are enabled, Microsoft Edge will compute additional representations of the URL and place them on the clipboard. This policy configures what format will be pasted when the user pastes in external applications, or inside Microsoft Edge without the "Paste As" context menu item. If configured, this policy makes a choice on behalf of the user. The options in edge://settings/shareCopyPaste will be grayed out, and the options in the "Paste As" context menu will not be available. Not configured = The user will be able to choose their preferred paste format. By default, this is set to the friendly URL format. The "Paste As" menu will be available in Microsoft Edge. 1 = No additional formats will be stored on the clipboard. There will be no "Paste as" context menu item in Microsoft Edge and the only format available to paste will be the plain text URL format. Effectively, the friendly URL feature will be disabled. 3 = The user will get a friendly URL whenever they paste into surfaces that accept rich text. The plain URL will still be available for non-rich surfaces. There will be no "Paste As" menu in Microsoft Edge. 4 = (Not currently used) The richer formats may not be well-supported in some paste destinations and/or websites. In these scenarios, the plain URL option is recommended when configuring this policy. The recommended policy is available in Microsoft Edge 105 or later. Policy options mapping: PlainText (1) = The plain URL without any extra information, such as the page's title. This is the recommended option when this policy is configured. For more information, see the description. TitledHyperlink (3) = Titled Hyperlink: A hyperlink that points to the copied URL, but whose visible text is the title of the destination page. This is the Friendly URL format.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-266981r1007489_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
Set the policy value for "Computer Configuration/Administrative Templates/Microsoft EdgeConfigure the default paste format of URLs copied from Microsoft Edge, and determine if additional formats will be available to users" to "enabled" and select "0 the plain URL without any extra information, such as the page's title. This is the recommended option when this policy is configured. For more information, see the description."