+### HttpAllowlist
+Configure sites that will not be upgraded to HTTPS.
+
+The sites are specified as a list of origins.
+
+**Compatibility:** Firefox 127\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** N/A
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\HttpAllowlist\1 = "http://example.org"
+Software\Policies\Mozilla\Firefox\HttpAllowlist\2 = "http://example.edu"
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/HttpAllowlist
+```
+Value (string):
+```
+<enabled/>
+<data id="List" value="1http://example.org2http://example.edu"/>
+```
+#### macOS
+```
+<dict>
+ <key>HttpAllowlist </key>
+ <array>
+ <string>http://example.org</string>
+ <string>http://example.edu</string>
+ </array>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "HttpAllowlist ": ["http://example.org",
+ "http://example.edu"]
+ }
+}
+```
+### HttpsOnlyMode
+Configure HTTPS-Only Mode.
+
+| Value | Description
+| --- | --- |
+| allowed | HTTPS-Only Mode is off by default, but the user can turn it on.
+| disallowed | HTTPS-Only Mode is off and the user can't turn it on.
+| enabled | HTTPS-Only Mode is on by default, but the user can turn it off.
+| force_enabled | HTTPS-Only Mode is on and the user can't turn it off.
+
+**Compatibility:** Firefox 127\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `dom.security.https_only_mode`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\HttpsOnlyMode = "allowed", "disallowed", "enabled", "force_enabled"
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/HttpsOnlyMode
+```
+Value (string):
+```
+<enabled/>
+<data id="HttpsOnlyMode" value="allowed | disallowed | enabled | force_enabled"/>
+```
+#### macOS
+```
+<dict>
+ <key>HttpsOnlyMode</key>
+ <string>allowed | disallowed | enabled| force_enabled</string>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "HttpsOnlyMode": "allowed" | "disallowed" | "enabled" | "force_enabled"
+ }
+}
+```