Configuring Domain Bypass in MV3 Extension

Specific domains or sub-domains can be configured to bypass the MV3 extension.

In order to allow the bypass configuration to be done from older FSM versions, we are leveraging the Improved Detection for Web File Uploads section in the Detection tab under General > Endpoint > Endpoint Global Properties. This option is no longer required for MV3.

To differentiate the domains that should be used for bypassing they should be prefixed with the text “ext-“.

Wildcard entries are supported before and after the domain name, enabling flexible matching. For example, ext-*forbes.com will match any subdomain of forbes.com, and ext-*office* will match domains such as office.com or libreoffice.org. Wildcard characters placed before the ext- prefix are not supported—entries like *ext-*channel* will not be bypassed.

The length of the configured extensions must not exceed 2000 characters; any entries beyond this limit will be rejected. Users can add or remove extensions using the provided options and must deploy the changes for them to take effect. When a sensitive keyword is detected within a domain listed in the bypass configuration, it is not blocked or flagged, allowing the site to load without interruption. Domains not included in the bypass list continue to be monitored and handled according to standard detection rules.

This functionality is supported across Windows platforms for Chrome and Edge browsers. On macOS, support is available for Chrome and Safari.