+### FlashPlugin
+Configure the default Flash plugin policy as well as origins for which Flash is allowed.
+
+`Allow` is a list of origins where Flash are allowed.
+
+`Block` is a list of origins where Flash is not allowed.
+
+`Default` determines whether or not Flash is allowed by default.
+
+`Locked` prevents the user from changing Flash preferences.
+
+**Compatibility:** Firefox 60, Firefox ESR 60\
+**CCK2 Equivalent:** `permissions.plugin`\
+**Preferences Affected:** `plugin.state.flash`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\FlashPlugin\Allow\1 = "https://example.org"
+Software\Policies\Mozilla\Firefox\FlashPlugin\Block\1 = "https://example.edu"
+Software\Policies\Mozilla\Firefox\FlashPlugin\Default = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\FlashPlugin\Locked = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Flash/FlashPlugin_Allow
+```
+Value (string):
+```
+<enabled/>
+<data id="Permissions" value="1https://example.org2https://example.edu"/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Flash/FlashPlugin_Locked
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Flash/FlashPlugin_Default
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>FlashPlugin</key>
+ <dict>
+ <key>Allow</key>
+ <array>
+ <string>http://example.org</string>
+ </array>
+ <key>Block</key>
+ <array>
+ <string>http://example.edu</string>
+ </array>
+ <key>Default</key>
+ <true/> | <false/>
+ <key>Locked</key>
+ <true/> | <false/>
+ </dict>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "FlashPlugin": {
+ "Allow": ["http://example.org/"],
+ "Block": ["http://example.edu/"],
+ "Default": true | false,
+ "Locked": true | false
+ }
+ }
+}
+```
+
+
+
+### Handlers
+Configure default application handlers. This policy is based on the internal format of `handlers.json`.
+
+You can configure handlers based on a mime type (`mimeTypes`), a file's extension (`extensions`), or a protocol (`schemes`).
+
+Within each handler type, you specify the given mimeType/extension/scheme as a key and use the following subkeys to describe how it is handled.
+
+| Name | Description |
+| --- | --- |
+| `action`| Can be either `saveToDisk`, `useHelperApp`, `useSystemDefault`.
+| `ask` | If `true`, the user is asked if what they want to do with the file. If `false`, the action is taken without user intervention.
+| `handlers` | An array of handlers with the first one being the default. If you don't want to have a default handler, use an empty object for the first handler. Choose between path or uriTemplate.
+| `name` | The display name of the handler (might not be used).
+| `path`| The native path to the executable to be used.
+| `uriTemplate`| A url to a web based application handler. The URL must be https and contain a %s to be used for substitution.
+
+**Compatibility:** Firefox 78, Firefox ESR 78\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** N/A
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\Handlers (REG_MULTI_SZ) =
+{
+ "mimeTypes": {
+ "application/msword": {
+ "action": "useSystemDefault",
+ "ask": true | false
+ }
+ },
+ "schemes": {
+ "mailto": {
+ "action": "useHelperApp",
+ "ask": true | false,
+ "handlers": [{
+ "name": "Gmail",
+ "uriTemplate": "https://mail.google.com/mail/?extsrc=mailto&url=%s"
+ }]
+ }
+ },
+ "extensions": {
+ "pdf": {
+ "action": "useHelperApp",
+ "ask": true | false,
+ "handlers": [{
+ "name": "Adobe Acrobat",
+ "path": "C:\\Program Files (x86)\\Adobe\\Acrobat Reader DC\\Reader\\AcroRd32.exe"
+ }]
+ }
+ }
+}
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/Handlers
+```
+Value (string):
+```
+<enabled/>
+<data id="Handlers" value='
+{
+ "mimeTypes": {
+ "application/msword": {
+ "action": "useSystemDefault",
+ "ask": true | false
+ }
+ },
+ "schemes": {
+ "mailto": {
+ "action": "useHelperApp",
+ "ask": true | false,
+ "handlers": [{
+ "name": "Gmail",
+ "uriTemplate": "https://mail.google.com/mail/?extsrc=mailto&url=%s"
+ }]
+ }
+ },
+ "extensions": {
+ "pdf": {
+ "action": "useHelperApp",
+ "ask": true | false,
+ "handlers": [{
+ "name": "Adobe Acrobat",
+ "path": "C:\\Program Files (x86)\\Adobe\\Acrobat Reader DC\\Reader\\AcroRd32.exe"
+ }]
+ }
+ }
+}
+'/>
+```
+#### macOS
+```
+<dict>
+ <key>Handlers</key>
+ <dict>
+ <key>mimeTypes</key>
+ <dict>
+ <key>application/msword</key>
+ <dict>
+ <key>action</key>
+ <string>useSystemDefault</string>
+ <key>ask</key>
+ <true/> | <false/>
+ </dict>
+ </dict>
+ <key>schemes</key>
+ <dict>
+ <key>mailto</key>
+ <dict>
+ <key>action</key>
+ <string>useHelperApp</string>
+ <key>ask</key>
+ <true/> | <false/>
+ <key>handlers</key>
+ <array>
+ <dict>
+ <key>name</key>
+ <string>Gmail</string>
+ <key>uriTemplate</key>
+ <string>https://mail.google.com/mail/?extsrc=mailto&url=%s</string>
+ </dict>
+ </array>
+ </dict>
+ </dict>
+ <key>extensions</key>
+ <dict>
+ <key>pdf</key>
+ <dict>
+ <key>action</key>
+ <string>useHelperApp</string>
+ <key>ask</key>
+ <true/> | <false/>
+ <key>handlers</key>
+ <array>
+ <dict>
+ <key>name</key>
+ <string>Adobe Acrobat</string>
+ <key>path</key>
+ <string>/System/Applications/Preview.app</string>
+ </dict>
+ </array>
+ </dict>
+ </dict>
+ </dict>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "Handlers": {
+ "mimeTypes": {
+ "application/msword": {
+ "action": "useSystemDefault",
+ "ask": false
+ }
+ },
+ "schemes": {
+ "mailto": {
+ "action": "useHelperApp",
+ "ask": true | false,
+ "handlers": [{
+ "name": "Gmail",
+ "uriTemplate": "https://mail.google.com/mail/?extsrc=mailto&url=%s"
+ }]
+ }
+ },
+ "extensions": {
+ "pdf": {
+ "action": "useHelperApp",
+ "ask": true | false,
+ "handlers": [{
+ "name": "Adobe Acrobat",
+ "path": "/usr/bin/acroread"
+ }]
+ }
+ }
+ }
+ }
+}
+```
+### FirefoxHome
+Customize the Firefox Home page.
+
+**Compatibility:** Firefox 68, Firefox ESR 68\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `browser.newtabpage.activity-stream.showSearch`,`browser.newtabpage.activity-stream.feeds.topsites`,`browser.newtabpage.activity-stream.feeds.section.highlights`,`browser.newtabpage.activity-stream.feeds.section.topstories`,`browser.newtabpage.activity-stream.feeds.snippets`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\FirefoxHome\Search = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\FirefoxHome\TopSites = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\FirefoxHome\Highlights = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\FirefoxHome\Pocket = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\FirefoxHome\Snippets = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\FirefoxHome\Locked = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/CustomizeFirefoxHome
+```
+Value (string):
+```
+<enabled/>
+<data id="FirefoxHome_Search" value="true | false"/>
+<data id="FirefoxHome_TopSites" value="true | false"/>
+<data id="FirefoxHome_Highlights" value="true | false"/>
+<data id="FirefoxHome_Pocket" value="true | false"/>
+<data id="FirefoxHome_Snippets" value="true | false"/>
+<data id="FirefoxHome_Locked" value="true | false"/>
+```
+#### macOS
+```
+<dict>
+ <key>FirefoxHome</key>
+ <dict>
+ <key>Search</key>
+ <true/> | <false/>
+ <key>TopSites</key>
+ <true/> | <false/>
+ <key>Highlights</key>
+ <true/> | <false/>
+ <key>Pocket</key>
+ <true/> | <false/>
+ <key>Snippets</key>
+ <true/> | <false/>
+ <key>Locked</key>
+ <true/> | <false/>
+ </dict>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "FirefoxHome": {
+ "Search": true | false,
+ "TopSites": true | false,
+ "Highlights": true | false,
+ "Pocket": true | false,
+ "Snippets": true | false,
+ "Locked": true | false
+ }
+ }
+}
+```
+### HardwareAcceleration
+Control hardware acceleration.
+
+**Compatibility:** Firefox 60, Firefox ESR 60\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `layers.acceleration.disabled`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\HardwareAcceleration = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/HardwareAcceleration
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>HardwareAcceleration</key>
+ <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "HardwareAcceleration": true | false
+ }
+}
+```
+### Homepage
+Configure the default homepage and how Firefox starts.
+
+`URL` is the default homepage.
+
+`Locked` prevents the user from changing homepage preferences.
+
+`Additional` allows for more than one homepage.
+
+`StartPage` is how Firefox starts. The choices are no homepage, the default homepage or the previous session.
+
+With Firefox 78, an additional option as added for `Startpage`, `homepage-locked`. This allows for locking the homepage, but still allowing the user to choose whether or not they want to restore their session.
+
+**Compatibility:** Firefox 60, Firefox ESR 60 (StartPage was added in Firefox 60, Firefox ESR 60.4, homepage-locked added in Firefox 78)\
+**CCK2 Equivalent:** `homePage`,`lockHomePage`\
+**Preferences Affected:** `browser.startup.homepage`,`browser.startup.page`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\Homepage\URL = "https://example.com"
+Software\Policies\Mozilla\Firefox\Homepage\Locked = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\Homepage\Additional\1 = "https://example.org"
+Software\Policies\Mozilla\Firefox\Homepage\Additional\2 = "https://example.edu"
+Software\Policies\Mozilla\Firefox\Homepage\StartPage = "none" | "homepage" | "previous-session" | "homepage-locked"
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Homepage/HomepageURL
+```
+Value (string):
+```
+<enabled/>
+
+<data id="HomepageURL" value="https://example.com"/>
+<data id="HomepageLocked" value="true | false"/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Homepage/HomepageAdditional
+```
+Value (string):
+```
+<enabled/>
+
+<data id="HomepageAdditional" value="1http://example.org2http://example.edu"/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Homepage/HomepageStartPage
+```
+Value (string):
+```
+<enabled/>
+
+<data id="StartPage" value="none | homepage | previous-session"/>
+```
+#### macOS
+```
+<dict>
+ <key>Homepage</key>
+ <dict>
+ <key>URL</key>
+ <string>http://example.com</string>
+ <key>Locked</key>
+ <true/> | <false/>
+ <key>Additional</key>
+ <array>
+ <string>http://example.org</string>
+ <string>http://example.edu</string>
+ </array>
+ <key>StartPage</key>
+ <string>none | homepage | previous-session | homepage-locked</string>
+ </dict>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "Homepage": {
+ "URL": "http://example.com/",
+ "Locked": true | false,
+ "Additional": ["http://example.org/",
+ "http://example.edu/"],
+ "StartPage": "none" | "homepage" | "previous-session" | "homepage-locked"
+ }
+ }
+}
+```
+### InstallAddonsPermission
+Configure the default extension install policy as well as origins for extension installs are allowed. This policy does not override turning off all extension installs.
+
+`Allow` is a list of origins where extension installs are allowed.
+
+`Default` determines whether or not extension installs are allowed by default.
+
+**Compatibility:** Firefox 60, Firefox ESR 60\
+**CCK2 Equivalent:** `permissions.install`\
+**Preferences Affected:** `xpinstall.enabled`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\InstallAddonsPermission\Allow\1 = "https://example.org"
+Software\Policies\Mozilla\Firefox\InstallAddonsPermission\Allow\2 = "https://example.edu"
+Software\Policies\Mozilla\Firefox\InstallAddonsPermission\Default = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Addons/InstallAddonsPermission_Allow
+```
+Value (string):
+```
+<enabled/>
+<data id="Permissions" value="1https://example.org2https://example.edu"/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Addons/InstallAddonsPermission_Default
+```
+Value (string):
+```
+<enabled/>
+```
+#### macOS
+```
+<dict>
+ <key>InstallAddonsPermission</key>
+ <dict>
+ <key>Allow</key>
+ <array>
+ <string>http://example.org</string>
+ <string>http://example.edu</string>
+ </array>
+ <key>Default</key>
+ <true/> | <false/>
+ </dict>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "InstallAddonsPermission": {
+ "Allow": ["http://example.org/",
+ "http://example.edu/"],
+ "Default": true | false
+ }
+ }
+}
+```
+### LegacyProfiles
+Disable the feature enforcing a separate profile for each installation.
+
+If this policy set to true, Firefox will not try to create different profiles for installations of Firefox in different directories. This is the equivalent of the MOZ_LEGACY_PROFILES environment variable.
+
+If this policy set to false, Firefox will create a new profile for each unique installation of Firefox.
+
+This policy only work on Windows via GPO (not policies.json).
+
+**Compatibility:** Firefox 70, Firefox ESR 68.2 (Windows only, GPO only)\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** N/A
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\LegacyProfiles = = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/LegacyProfiles
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+### LocalFileLinks
+Enable linking to local files by origin.
+
+**Compatibility:** Firefox 68, Firefox ESR 68\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `capability.policy.localfilelinks.*`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\LocalFileLinks\1 = "https://example.org"
+Software\Policies\Mozilla\Firefox\LocalFileLinks\2 = "https://example.edu"
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/LocalFileLinks
+```
+Value (string):
+```
+<enabled/>
+<data id="LocalFileLinks" value="1https://example.org2https://example.edu"/>
+```
+#### macOS
+```
+<dict>
+ <key>LocalFileLinks</key>
+ <array>
+ <string>http://example.org</string>
+ <string>http://example.edu</string>
+ </array>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "LocalFileLinks": ["http://example.org/",
+ "http://example.edu/"]
+ }
+}
+```
+### PrimaryPassword
+Require or prevent using a primary (formerly master) password.
+
+If this value is true, a primary password is required. If this value is false, it works the same as if [`DisableMasterPasswordCreation`](#disablemasterpasswordcreation) was true and removes the primary password functionality.
+
+If both DisableMasterPasswordCreation and PrimaryPassword are used, DisableMasterPasswordCreation takes precedent.
+
+**Compatibility:** Firefox 79, Firefox ESR 78.1\
+**CCK2 Equivalent:** `noMasterPassword`\
+**Preferences Affected:** N/A
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\PrimaryPassword = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/PrimaryPassword
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>PrimaryPassword</key>
+ <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "PrimaryPassword": true | false
+ }
+}
+```
+### NetworkPrediction
+Enable or disable network prediction (DNS prefetching).
+
+**Compatibility:** Firefox 67, Firefox ESR 60.7\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `network.dns.disablePrefetch`,`network.dns.disablePrefetchFromHTTPS`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\NetworkPrediction = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/NetworkPrediction
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>NetworkPrediction</key>
+ <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "NetworkPrediction": true | false
+}
+```
+### NewTabPage
+Enable or disable the New Tab page.
+
+**Compatibility:** Firefox 68, Firefox ESR 68\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `browser.newtabpage.enabled`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\NewTabPage = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/NewTabPage
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>NewTabPage</key>
+ <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "NewTabPage": true | false
+}
+```
+### NoDefaultBookmarks
+Disable the creation of default bookmarks.
+
+This policy is only effective if the user profile has not been created yet.
+
+**Compatibility:** Firefox 60, Firefox ESR 60\
+**CCK2 Equivalent:** `removeDefaultBookmarks`\
+**Preferences Affected:** N/A
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\NoDefaultBookmarks = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/NoDefaultBookmarks
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>NoDefaultBookmarks</key>
+ <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "NoDefaultBookmarks": true | false
+ }
+}
+```
+### OfferToSaveLogins
+Control whether or not Firefox offers to save passwords.
+
+**Compatibility:** Firefox 60, Firefox ESR 60\
+**CCK2 Equivalent:** `dontRememberPasswords`\
+**Preferences Affected:** `signon.rememberSignons`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\OfferToSaveLogins = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/OfferToSaveLogins
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>OfferToSaveLogins</key>
+ <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "OfferToSaveLogins": true | false
+ }
+}
+```
+### OfferToSaveLoginsDefault
+Sets the default value of signon.rememberSignons without locking it.
+
+**Compatibility:** Firefox 70, Firefox ESR 60.2\
+**CCK2 Equivalent:** `dontRememberPasswords`\
+**Preferences Affected:** `signon.rememberSignons`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\OfferToSaveLoginsDefault = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/OfferToSaveLoginsDefault
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>OfferToSaveLoginsDefault</key>
+ <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "OfferToSaveLoginsDefault": true | false
+ }
+}
+```
+### OverrideFirstRunPage
+Override the first run page. If the value is blank, no first run page is displayed.
+
+**Compatibility:** Firefox 60, Firefox ESR 60\
+**CCK2 Equivalent:** `welcomePage`,`noWelcomePage`\
+**Preferences Affected:** `startup.homepage_welcome_url`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\OverrideFirstRunPage = "http://example.org"
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/OverrideFirstRunPage
+```
+Value (string):
+```
+<enabled/>
+<data id="OverridePage" value="https://example.com"/>
+```
+#### macOS
+```
+<dict>
+ <key>OverrideFirstRunPage</key>
+ <string>http://example.org</string>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "OverrideFirstRunPage": "http://example.org"
+}
+```
+### OverridePostUpdatePage
+Override the upgrade page. If the value is blank, no upgrade page is displayed.
+
+**Compatibility:** Firefox 60, Firefox ESR 60\
+**CCK2 Equivalent:** `upgradePage`,`noUpgradePage`\
+**Preferences Affected:** `startup.homepage_override_url`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\OverridePostUpdatePage = "http://example.org"
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/OverridePostUpdatePage
+```
+Value (string):
+```
+<enabled/>
+<data id="OverridePage" value="https://example.com"/>
+```
+#### macOS
+```
+<dict>
+ <key>OverridePostUpdatePage</key>
+ <string>http://example.org</string>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "OverridePostUpdatePage": "http://example.org"
+}
+```
+### PasswordManagerEnabled
+Remove access to the password manager via preferences and blocks about:logins on Firefox 70.
+
+**Compatibility:** Firefox 70, Firefox ESR 60.2\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `pref.privacy.disable_button.view_passwords`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\PasswordManagerEnabled = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/PasswordManagerEnabled
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>PasswordManagerEnabled</key>
+ <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "PasswordManagerEnabled": true | false
+ }
+}
+```
+### PDFjs
+Disable or configure PDF.js, the built-in PDF viewer.
+
+If `Enabled` is set to false, the built-in PDF viewer is disabled.
+
+If `EnablePermissions` is set to true, the built-in PDF viewer will honor document permissions like preventing the copying of text.
+
+Note: DisableBuiltinPDFViewer has not been deprecated. You can either continue to use it, or switch to using PDFjs->Enabled to disable the built-in PDF viewer. This new permission was added because we needed a place for PDFjs->EnabledPermissions.
+
+**Compatibility:** Firefox 77, Firefox ESR 68.9\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `pdfjs.diabled`,`pdfjs.enablePermissions`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\PDFjs\Enabled = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\PDFjs\EnablePermissions = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~PDFjs/PDFjs_Enabled
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~PDFjs/PDFjs_EnablePermissions
+```
+Value (string):
+```
+<enabled/>or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>PDFjs</key>
+ <dict>
+ <key>Enabled</key>
+ <true/> | <false/>
+ <key><EnablePermissions</key>
+ <true/> | <false/>
+ </dict>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "PSFjs": {
+ "Enabled": true | false,
+ "EnablePermissions": true | false
+ }
+}
+```
+### Permissions
+Set permissions associated with camera, microphone, location, notifications, autoplay, and virtual reality. Because these are origins, not domains, entries with unique ports must be specified separately. See examples below.
+
+`Allow` is a list of origins where the feature is allowed.
+
+`Block` is a list of origins where the feature is not allowed.
+
+`BlockNewRequests` determines whether or not new requests can be made for the feature.
+
+`Locked` prevents the user from changing preferences for the feature.
+
+`Default` specifies the default value for Autoplay. block-audio-video is not supported on Firefox ESR 68.
+
+**Compatibility:** Firefox 62, Firefox ESR 60.2 (Autoplay added in Firefox 74, Firefox ESR 68.6, Autoplay Default/Locked added in Firefox 76, Firefox ESR 68.8, VirtualReality added in Firefox 80, Firefox ESR 78.2)\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `permissions.default.camera`,`permissions.default.microphone`,`permissions.default.geo`,`permissions.default.desktop-notification`,`media.autoplay.default`.`permissions.default.xr`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\Permissions\Camera\Allow\1 = "https://example.org"
+Software\Policies\Mozilla\Firefox\Permissions\Camera\Allow\2 = "https://example.org:1234"
+Software\Policies\Mozilla\Firefox\Permissions\Camera\Block\1 = "https://example.edu"
+Software\Policies\Mozilla\Firefox\Permissions\Camera\BlockNewRequests = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\Permissions\Camera\Locked = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\Permissions\Microphone\Allow\1 = "https://example.org"
+Software\Policies\Mozilla\Firefox\Permissions\Microphone\Block\1 = "https://example.edu"
+Software\Policies\Mozilla\Firefox\Permissions\Microphone\BlockNewRequests = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\Permissions\Microphone\Locked = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\Permissions\Location\Allow\1 = "https://example.org"
+Software\Policies\Mozilla\Firefox\Permissions\Location\Block\1 = "https://example.edu"
+Software\Policies\Mozilla\Firefox\Permissions\Location\BlockNewRequests = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\Permissions\Location\Locked = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\Permissions\Notifications\Allow\1 = "https://example.org"
+Software\Policies\Mozilla\Firefox\Permissions\Notifications\Block\1 = "https://example.edu"
+Software\Policies\Mozilla\Firefox\Permissions\Notifications\BlockNewRequests = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\Permissions\Notifications\Locked = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\Permissions\Autoplay\Allow\1 = "https://example.org"
+Software\Policies\Mozilla\Firefox\Permissions\Autoplay\Block\1 = "https://example.edu"
+Software\Policies\Mozilla\Firefox\Permissions\Autoplay\Default = "allow-audio-video" | "block-audio" | "block-audio-video"
+Software\Policies\Mozilla\Firefox\Permissions\Autoplay\Locked = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\Permissions\VirtualReality\Allow\1 = "https://example.org"
+Software\Policies\Mozilla\Firefox\Permissions\VirtualReality\Block\1 = "https://example.edu"
+Software\Policies\Mozilla\Firefox\Permissions\VirtualReality\BlockNewRequests = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\Permissions\VirtualReality\Locked = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Permissions~Location/Location_BlockNewRequests
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Permissions~Location/Location_Locked
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Permissions~Notifications/Notifications_Allow
+```
+Value (string):
+```
+<enabled/>
+<data id="Permissions" value="1https://example.org"/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Permissions~Notifications/Notifications_BlockNewRequests
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Permissions~Notifications/Notifications_Locked
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Permissions~Autoplay/Autoplay_Allow
+```
+Value (string):
+```
+<enabled/>
+<data id="Permissions" value="1https://example.org"/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Permissions~Autoplay/Autoplay_Block
+```
+Value (string):
+```
+<enabled/>
+<data id="Permissions" value="1https://example.edu"/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Permissions~Autoplay/Autoplay_Default
+```
+Value (string):
+```
+<enabled/>
+<data id="Autoplay_Default" value="allow-audio-video | block-audio | block-audio-video"/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Permissions~Autoplay/Autoplay_Locked
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Permissions~Notifications/VirtualReality_Allow
+```
+Value (string):
+```
+<enabled/>
+<data id="Permissions" value="1https://example.org"/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Permissions~Notifications/VirtualReality_Block
+```
+Value (string):
+```
+<enabled/>
+<data id="Permissions" value="1https://example.edu"/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Permissions~Notifications/VirtualReality_BlockNewRequests
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Permissions~Notifications/VirtualReality_Locked
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>Permissions</key>
+ <dict>
+ <key>Camera</key>
+ <dict>
+ <key>Allow</key>
+ <array>
+ <string>https://example.org</string>
+ <string>https://example.org:1234</string>
+ </array>
+ <key>Block</key>
+ <array>
+ <string>https://example.edu</string>
+ </array>
+ <key>BlockNewRequests</key>
+ <true/> | <false/>
+ <key>Locked</key>
+ <true/> | <false/>
+ </dict>
+ <key>Microphone</key>
+ <dict>
+ <key>Allow</key>
+ <array>
+ <string>https://example.org</string>
+ </array>
+ <key>Block</key>
+ <array>
+ <string>https://example.edu</string>
+ </array>
+ <key>BlockNewRequests</key>
+ <true/> | <false/>
+ <key>Locked</key>
+ <true/> | <false/>
+ </dict>
+ <key>Location</key>
+ <dict>
+ <key>Allow</key>
+ <array>
+ <string>https://example.org</string>
+ </array>
+ <key>Block</key>
+ <array>
+ <string>https://example.edu</string>
+ </array>
+ <key>BlockNewRequests</key>
+ <true/> | <false/>
+ <key>Locked</key>
+ <true/> | <false/>
+ </dict>
+ <key>Notifications</key>
+ <dict>
+ <key>Allow</key>
+ <array>
+ <string>https://example.org</string>
+ </array>
+ <key>Block</key>
+ <array>
+ <string>https://example.edu</string>
+ </array>
+ <key>BlockNewRequests</key>
+ <true/>
+ <key>Locked</key>
+ <true/>
+ </dict>
+ <key>Autoplay</key>
+ <dict>
+ <key>Allow</key>
+ <array>
+ <string>https://example.org</string>
+ </array>
+ <key>Block</key>
+ <array>
+ <string>https://example.edu</string>
+ </array>
+ <key>Default</key>
+ <string>allow-audio-video | block-audio | block-audio-video</string>
+ <key>Locked</key>
+ <true/> | <false/>
+ </dict>
+ </dict>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "Permissions": {
+ "Camera": {
+ "Allow": ["https://example.org","https://example.org:1234"],
+ "Block": ["https://example.edu"],
+ "BlockNewRequests": true | false,
+ "Locked": true | false
+ },
+ "Microphone": {
+ "Allow": ["https://example.org"],
+ "Block": ["https://example.edu"],
+ "BlockNewRequests": true | false,
+ "Locked": true | false
+ },
+ "Location": {
+ "Allow": ["https://example.org"],
+ "Block": ["https://example.edu"],
+ "BlockNewRequests": true | false,
+ "Locked": true | false
+ },
+ "Notifications": {
+ "Allow": ["https://example.org"],
+ "Block": ["https://example.edu"],
+ "BlockNewRequests": true | false,
+ "Locked": true | false
+ },
+ "Autoplay": {
+ "Allow": ["https://example.org"],
+ "Block": ["https://example.edu"],
+ "Default": "allow-audio-video" | "block-audio" | "block-audio-video",
+ "Locked": true | false
+ }
+ }
+ }
+}
+```
+### PictureInPicture
+
+Enable or disable Picture-in-Picture.
+
+**Compatibility:** Firefox 78, Firefox ESR 78\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `media.videocontrols.picture-in-picture.video-toggle.enabled`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\PictureInPicture = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/PictureInPicture
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>PictureInPicture</key>
+ <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "PictureInPicture": true | false
+ }
+}
+```
+### PopupBlocking
+Configure the default pop-up window policy as well as origins for which pop-up windows are allowed.
+
+`Allow` is a list of origins where popup-windows are allowed.
+
+`Default` determines whether or not pop-up windows are allowed by default.
+
+`Locked` prevents the user from changing pop-up preferences.
+
+**Compatibility:** Firefox 60, Firefox ESR 60\
+**CCK2 Equivalent:** `permissions.popup`\
+**Preferences Affected:** `dom.disable_open_during_load`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\PopupBlocking\Allow\1 = "https://example.org"
+Software\Policies\Mozilla\Firefox\PopupBlocking\Allow\2 = "https://example.edu"
+Software\Policies\Mozilla\Firefox\PopupBlocking\Default = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\PopupBlocking\Locked = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Popups/PopupBlocking_Allow
+```
+Value (string):
+```
+<enabled/>
+<data id="Permissions" value="1https://example.org2https://example.edu"/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Popups/PopupBlocking_Default
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Popups/PopupBlocking_Locked
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>PopupBlocking</key>
+ <dict>
+ <key>Allow</key>
+ <array>
+ <string>http://example.org</string>
+ <string>http://example.edu</string>
+ </array>
+ <key>Default</key>
+ <true/> | <false/>
+ <key>Locked</key>
+ <true/> | <false/>
+ </dict>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "PopupBlocking": {
+ "Allow": ["http://example.org/",
+ "http://example.edu/"],
+ "Default": true | false,
+ "Locked": true | false
+ }
+ }
+}
+```
+### Preferences
+Set and lock certain preferences.
+
+**Compatibility:** See below\
+**CCK2 Equivalent:** `preferences`\
+**Preferences Affected:** See below
+
+| Preference | Type | Compatibility | Default
+| --- | --- | --- | ---
+| accessibility.force_disabled | integer | Firefox 70, Firefox ESR 68.2 | 0
+| If set to 1, platform accessibility is disabled.
+| app.update.auto (Deprecated - Switch to AppAutoUpdate policy) | boolean | Firefox 68, Firefox ESR 68 | true
+| If false, Firefox doesn't automatically install update.
+| browser.bookmarks.autoExportHTML | boolean | Firefox 70, Firefox ESR 68.2 | false
+| If true, bookmarks are exported on shutdown.
+| browser.bookmarks.file | string | Firefox 70, Firefox ESR 68.2 | N/A
+| If set, the name of the file where bookmarks are exported and imported.
+| browser.bookmarks.restore_default_bookmarks | boolean | Firefox 70, Firefox ESR 68.2 | N/A
+| If true, bookmarks are restored to their defaults.
+| browser.cache.disk.enable | boolean | Firefox 68, Firefox ESR 68 | true
+| If false, don't store cache on the hard drive.
+| ~browser.cache.disk.parent_directory~ | string | Firefox 68, Firefox ESR 68 | Profile temporary directory
+| ~If set, changes the location of the disk cache.~ This policy doesn't work. It's being worked on.
+| browser.fixup.dns_first_for_single_words | boolean | Firefox 68, Firefox ESR 68 | false
+| If true, single words are sent to DNS, not directly to search.
+| browser.newtabpage.activity-stream.default.sites | string | Firefox 72, ESR 68.4 | Locale dependent
+| If set, a list of URLs to use as the default top sites on the new tab page.
+| browser.places.importBookmarksHTML | boolean | Firefox 70, Firefox ESR 68.2
+| If true, bookmarks are always imported on startup.
+| browser.safebrowsing.phishing.enabled | boolean | Firefox 70, Firefox ESR 68.2 | true
+| If false, phishing protection is not enabled (Not recommended)
+| browser.safebrowsing.malware.enabled | boolean | Firefox 70, Firefox ESR 68.2 | true
+| If false, malware protection is not enabled (Not recommended)
+| browser.search.update | boolean | Firefox 68, Firefox ESR 68 | true
+| If false, updates for search engines are not checked.
+| browser.slowStartup.notificationDisabled | boolean | Firefox 70, Firefox ESR 68.2 | false
+| If true, a notification isn't shown if startup is slow.
+| browser.tabs.warnOnClose | boolean | Firefox 68, Firefox ESR 68 | true
+| If false, there is no warning when the browser is closed.
+| browser.taskbar.previews.enable | boolean | Firefox 70, Firefox ESR 68.2 (Windows only) | false
+| If true, tab previews are shown in the Windows taskbar.
+| browser.urlbar.suggest.bookmark | boolean | Firefox 68, Firefox ESR 68 | true
+| If false, bookmarks aren't suggested when typing in the URL bar.
+| browser.urlbar.suggest.history | boolean | Firefox 68, Firefox ESR 68 | true
+| If false, history isn't suggested when typing in the URL bar.
+| browser.urlbar.suggest.openpage | boolean | Firefox 68, Firefox ESR 68 | true
+| If false, open tabs aren't suggested when typing in the URL bar.
+| datareporting.policy.dataSubmissionPolicyBypassNotification | boolean | Firefox 68, Firefox ESR 68 | false
+| If true, don't show the privacy policy tab on first run.
+| dom.allow_scripts_to_close_windows | boolean | Firefox 70, Firefox ESR 68.2 | false
+| If false, web page can close windows.
+| dom.disable_window_flip | boolean | Firefox 68, Firefox ESR 68 | true
+| If false, web pages can focus and activate windows.
+| dom.disable_window_move_resize | boolean | Firefox 68, Firefox ESR 68 | false
+| If true, web pages can't move or resize windows.
+| dom.event.contextmenu.enabled | boolean | Firefox 68, Firefox ESR 68 | true
+| If false, web pages can't override context menus.
+| dom.keyboardevent.keypress.hack.dispatch_non_printable_keys.addl | string | Firefox 68, Firefox ESR 68 | N/A
+| See https://support.mozilla.org/en-US/kb/dom-events-changes-introduced-firefox-66
+| dom.keyboardevent.keypress.hack.use_legacy_keycode_and_charcode.addl | string | Firefox 68, Firefox ESR 68 | N/A
+| See https://support.mozilla.org/en-US/kb/dom-events-changes-introduced-firefox-66
+| dom.xmldocument.load.enabled | boolean | Firefox ESR 68.5 | true.
+| If false, XMLDocument.load is not available.
+| dom.xmldocument.async.enabled | boolean | Firefox ESR 68.5 | true
+| If false, XMLDocument.async is not available.
+| extensions.blocklist.enabled | boolean | Firefox 70, Firefox ESR 68.2 | true
+| If false, the extensions blocklist is not used (Not recommended)
+| extensions.getAddons.showPane | boolean | Firefox 68, Firefox ESR 68 | N/A
+| If false, the Recommendations tab is not displayed in the Add-ons Manager.
+| extensions.htmlaboutaddons.recommendations.enabled | boolean | Firefox 72, Firefox ESR 68.4 | true
+| If false, recommendations are not shown on the Extensions tab in the Add-ons Manager.
+| geo.enabled | boolean | Firefox 70, Firefox ESR 68.2 | true
+| If false, the geolocation API is disabled. | Language dependent
+| intl.accept_languages | string | Firefox 70, Firefox ESR 68.2
+| If set, preferred language for web pages.
+| media.eme.enabled (Deprecated - Switch to EncryptedMediaExtensions policy) | boolean | Firefox 70, Firefox ESR 68.2 | true
+| If false, Encrypted Media Extensions are not enabled.
+| media.gmp-gmpopenh264.enabled | boolean | Firefox 68, Firefox ESR 68 | true
+| If false, the OpenH264 plugin is not downloaded.
+| media.gmp-widevinecdm.enabled | boolean | Firefox 68, Firefox ESR 68 | true
+| If false, the Widevine plugin is not downloaded.
+| media.peerconnection.enabled | boolean | Firefox 72, Firefox ESR 68.4 | true
+| If false, WebRTC is disabled
+| media.peerconnection.ice.obfuscate_host_addresses.whitelist (Deprecated) | string | Firefox 72, Firefox ESR 68.4 | N/A
+| If set, a list of domains for which mDNS hostname obfuscation is
+disabled
+| media.peerconnection.ice.obfuscate_host_addresses.blocklist | string | Firefox 79, Firefox ESR 78.1 | N/A
+| If set, a list of domains for which mDNS hostname obfuscation is
+disabled
+| network.dns.disableIPv6 | boolean | Firefox 68, Firefox ESR 68 | false
+| If true, IPv6 DNS lokoups are disabled.
+| network.IDN_show_punycode | boolean | Firefox 68, Firefox ESR 68 | false
+| If true, display the punycode version of internationalized domain names.
+| places.history.enabled | boolean | Firefox 68, Firefox ESR 68 | true
+| If false, history is not enabled.
+| print.save_print_settings | boolean | Firefox 70, Firefox ESR 68.2 | true
+| If false, print settings are not saved between jobs.
+| security.default_personal_cert | string | Firefox 68, Firefox ESR 68 | Ask Every Time
+| If set to Select Automatically, Firefox automatically chooses the default personal certificate.
+| security.mixed_content.block_active_content | boolean | Firefox 70, Firefox ESR 68.2 | true
+| If false, mixed active content (HTTP and HTTPS) is not blocked.
+| security.osclientcerts.autoload | boolean | Firefox 72 (Windows), Firefox 75 (macOS) | false
+| If true, client certificates are loaded from the operating system certificate store.
+| security.ssl.errorReporting.enabled | boolean | Firefox 68, Firefox ESR 68 | true
+| If false, SSL errors cannot be sent to Mozilla.
+| security.tls.hello_downgrade_check | boolean | Firefox 72, Firefox ESR 68.4 | true
+| If false, the TLS 1.3 downgrade check is disabled.
+| ui.key.menuAccessKeyFocuses | boolean | Firefox 68, Firefox ESR 68 | true
+| If false, the Alt key doesn't show the menubar on Windows.
+| widget.content.gtk-theme-override | string | Firefox 72, Firefox ESR 68.4 (Linux only) | N/A
+| If set, overrides the GTK theme for widgets.
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\Preferences\boolean_preference_name = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\Preferences\string_preference_name = "string_value"
+```
+#### Windows (Intune)
+OMA-URI: (periods are replaced by underscores)
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Preferences/boolean_preference_name
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+OMA-URI: (periods are replaced by underscores)
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Preferences/string_preference_name
+```
+Value (string):
+```
+<enabled/>
+<data id="Preferences_String" value="string_value"/>
+```
+#### macOS
+```
+<dict>
+ <key>Preferences</key>
+ <dict>
+ <key>boolean_preference_name</key>
+ <true/> | <false/>
+ <key>string_preference_name</key>
+ <string>string_value</string>
+ </dict>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "Preferences": {
+ "boolean_preference_name": true | false,
+ "string_preference_name": "string_value"
+ }
+ }
+}
+```
+### PromptForDownloadLocation
+Ask where to save each file before downloading.
+
+**Compatibility:** Firefox 68, Firefox ESR 68\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `browser.download.useDownloadDir`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\PromptForDownloadLocation = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/PromptForDownloadLocation
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>PromptForDownloadLocation</key>
+ <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "PromptForDownloadLocation": true | false
+ }
+}
+```
+### Proxy
+Configure proxy settings. These settings correspond to the connection settings in Firefox preferences.
+To specify ports, append them to the hostnames with a colon (:).
+
+`Mode` is the proxy method being used.
+
+`Locked` is whether or not proxy settings can be changed.
+
+`HTTPProxy` is the HTTP proxy server.
+
+`UseHTTPProxyForAllProtocols` is whether or not the HTTP proxy should be used for all other proxies.
+
+`SSLProxy` is the SSL proxy server.
+
+`FTPProxy` is the FTP proxy server.
+
+`SOCKSProxy` is the SOCKS proxy server
+
+`SOCKSVersion` is the SOCKS version (4 or 5)
+
+`Passthrough` is list of hostnames or IP addresses that will not be proxied. Use `<local>` to bypass proxying for all hostnames which do not contain periods.
+
+`AutoConfigURL` is a URL for proxy configuration (only used if Mode is autoConfig).
+
+`AutoLogin` means do not prompt for authentication if password is saved.
+
+`UseProxyForDNS` to use proxy DNS when using SOCKS v5.
+
+**Compatibility:** Firefox 60, Firefox ESR 60\
+**CCK2 Equivalent:** `networkProxy*`\
+**Preferences Affected:** `network.proxy.type`,`network.proxy.autoconfig_url`,`network.proxy.socks_remote_dns`,`signon.autologin.proxy`,`network.proxy.socks_version`,`network.proxy.no_proxies_on`,`network.proxy.share_proxy_settings`,`network.proxy.http`,`network.proxy.http_port`,`network.proxy.ftp`,`network.proxy.ftp_port`,`network.proxy.ssl`,`network.proxy.ssl_port`,`network.proxy.socks`,`network.proxy.socks_port`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\Proxy\Mode = "none" | "system" | "manual" | "autoDetect" | "autoConfig"
+Software\Policies\Mozilla\Firefox\Proxy\Locked = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\=Proxy\HTTPProxy = https://httpproxy.example.com
+Software\Policies\Mozilla\Firefox\Proxy\UseHTTPProxyForAllProtocols = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\Proxy\SSLProxy = https://sslproxy.example.com
+Software\Policies\Mozilla\Firefox\Proxy\FTPProxy = https://ftpproxy.example.com
+Software\Policies\Mozilla\Firefox\Proxy\SOCKSProxy = https://socksproxy.example.com
+Software\Policies\Mozilla\Firefox\Proxy\SOCKSVersion = 0x4 | 0x5
+Software\Policies\Mozilla\Firefox\Proxy\Passthrough = <local>
+Software\Policies\Mozilla\Firefox\Proxy\AutoConfigURL = URL_TO_AUTOCONFIG
+Software\Policies\Mozilla\Firefox\Proxy\AutoLogin = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\Proxy\UseProxyForDNS = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/Proxy
+```
+Value (string):
+```
+<enabled/>
+<data id="ProxyLocked" value="true | false"/>
+<data id="ConnectionType" value="none | system | manual | autoDetect | autoConfig"/>
+<data id="HTTPProxy" value="https://httpproxy.example.com"/>
+<data id="UseHTTPProxyForAllProtocols" value="true | false"/>
+<data id="SSLProxy" value="https://sslproxy.example.com"/>
+<data id="FTPProxy" value="https://ftpproxy.example.com"/>
+<data id="SOCKSProxy" value="https://socksproxy.example.com"/>
+<data id="SOCKSVersion" value="4 | 5"/>
+<data id="AutoConfigURL" value="URL_TO_AUTOCONFIG"/>
+<data id="Passthrough" value="<local>"/>
+<data id="AutoLogin" value="true | false"/>
+<data id="UseProxyForDNS" value="true | false"/>
+```
+#### macOS
+```
+<dict>
+ <key>Proxy</key>
+ <dict>
+ <key>Mode</key>
+ <string>none | system | manual | autoDetect | autoConfig</string>
+ <key>Locked</key>
+ <true> | </false>
+ <key>HTTPProxy</key>
+ <string>https://httpproxy.example.com</string>
+ <key>UseHTTPProxyForAllProtocols</key>
+ <true> | </false>
+ <key>SSLProxy</key>
+ <string>https://sslproxy.example.com</string>
+ <key>FTPProxy</key>
+ <string>https://ftpproxy.example.com</string>
+ <key>SOCKSProxy</key>
+ <string>https://socksproxy.example.com</string>
+ <key>SOCKSVersion</key>
+ <string>4 | 5</string>
+ <key>Passthrough</key>
+ <string><local>></string>
+ <key>AutoConfigURL</key>
+ <string>URL_TO_AUTOCONFIG</string>
+ <key>AutoLogin</key>
+ <true> | </false>
+ <key>UseProxyForDNS</key>
+ <true> | </false>
+ </dict>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "Proxy": {
+ "Mode": "none" | "system" | "manual" | "autoDetect" | "autoConfig",
+ "Locked": true | false,
+ "HTTPProxy": "hostname",
+ "UseHTTPProxyForAllProtocols": true | false,
+ "SSLProxy": "hostname",
+ "FTPProxy": "hostname",
+ "SOCKSProxy": "hostname",
+ "SOCKSVersion": 4 | 5
+ "Passthrough": "<local>",
+ "AutoConfigURL": "URL_TO_AUTOCONFIG",
+ "AutoLogin": true | false,
+ "UseProxyForDNS": true | false
+ }
+ }
+}
+```
+### RequestedLocales
+Set the the list of requested locales for the application in order of preference. It will cause the corresponding language pack to become active.
+
+Note: For Firefox 68, this can now be a string so that you can specify an empty value.
+
+**Compatibility:** Firefox 64, Firefox ESR 60.4, Updated in Firefox 68, Firefox ESR 68\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** N/A
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\RequestedLocales\1 = "de"
+Software\Policies\Mozilla\Firefox\RequestedLocales\2 = "en-US"
+
+or
+
+Software\Policies\Mozilla\Firefox\RequestedLocales = "de,en-US"
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/RequestedLocalesString
+```
+Value (string):
+```
+<enabled/>
+<data id="Preferences_String" value="de,en-US"/>
+```
+#### macOS
+```
+<dict>
+ <key>RequestedLocales</key>
+ <array>
+ <string>de</string>
+ <string>en-US</string>
+ </array>
+</dict>
+
+or
+
+<dict>
+ <key>RequestedLocales</key>
+ <string>de,en-US</string>
+</dict>
+
+```
+#### policies.json