-Policies can either be specified using the GPO templates or by putting a file called policies.json in the distribution directory.
+Policies can either be specified using the Group Policy templates or by creating a file called policies.json. On Windows, create a directory called distribution where the EXE is located and place the file there. On Mac, the file goes into Firefox.app/Content/Resources/distribution.
+
The content of the JSON file should look like this:
```
{
}
}
```
-Policies are documented below.
-
+Policies are documented below. Note that even though comments are used in this file for documentation, comments are not allowed for JSON files.
+### Authentication
+This policy is for configuring sites that support integrated authentication. See https://developer.mozilla.org/en-US/docs/Mozilla/Integrated_authentication for more information.
+```
+{
+ "policies": {
+ "Authentication": {
+ "SPNEGO": ["mydomain.com", "https://myotherdomain.com"],
+ "Delegated": ["mydomain.com", "https://myotherdomain.com"],
+ "NTLM": ["mydomain.com", "https://myotherdomain.com"]
+ }
+ }
+}
+```
### BlockAboutAddons
This policy removes access to about:addons.
```
}
}
```
+### Certificates
+This is a Windows only policy that tells Firefox to read certificates from the Windows certificate store.
+```
+{
+ "policies": {
+ "Certificates": {
+ "ImportEnterpriseRoots": [true|false]
+ }
+ }
+}
+```
+### Cookies
+This policy controls various settings related to cookies.
+```
+{
+ "policies": {
+ "Cookies": {
+ "Allow": ["http://example.org/"], /* Domains where cookies are always allowed */
+ "Block": ["http://example.edu/"], /* Domains where cookies are always blocked */
+ "Default": [true|false], /* This sets the default value for "Accept cookies from websites" */
+ "AcceptThirdParty": ["all", "none", "from-visited"], /* This sets the default value for "Accept third-party cookies" */
+ "ExpireAtSessionEnd": [true|false], /* This determines when cookies expire */
+ "Locked": [true|false] /* If this is true, cookies preferences can't be changed */
+ }
+ }
+}
+```
### CreateMasterPassword
This policy removes the master password functionality.
```
}
}
```
-### Cookies
-This policy sets domains that can set or not set cookies.
-```
-{
- "policies": {
- "Cookies": {
- "Allow": ["http://example.org/"],
- "Block": ["http://example.edu/"]
- }
- }
-}
-```
### FlashPlugin
This policy sets domains that can use or not use Flash
```
"UseHTTPProxyForAllProtocols": [true, false]
"SSLProxy": "hostname",
"FTPProxy": "hostname",
- "SOCKSProxy": { "hostname",
+ "SOCKSProxy": "hostname",
"SOCKSVersion": [4, 5],
"Passthrough": "List of passthrough addresses/domains",
"AutoConfigURL": "URL_TO_AUTOCONFIG",