]> git.p6c8.net - policy-templates.git/blobdiff - docs/index.md
Add new Https options to README
[policy-templates.git] / docs / index.md
index 67a23bcdf5bc2591c93efc8181362e4528d71b17..361dee34031a0ad6046f8ed3a6c8c819fc973fed 100644 (file)
@@ -80,6 +80,8 @@ Unfortunately, JSON files do not support comments, but you can add extra entries
 | **[`Handlers`](#handlers)** | Configure default application handlers.
 | **[`HardwareAcceleration`](#hardwareacceleration)** | Control hardware acceleration.
 | **[`Homepage`](#homepage)** | Configure the default homepage and how Firefox starts.
 | **[`Handlers`](#handlers)** | Configure default application handlers.
 | **[`HardwareAcceleration`](#hardwareacceleration)** | Control hardware acceleration.
 | **[`Homepage`](#homepage)** | Configure the default homepage and how Firefox starts.
+| **[`HttpAllowlist`](#httpallowlist)** | Configure origins that will not be upgraded to HTTPS.
+| **[`HttpsOnlyMode`](#httpsonlymode)** | Configure HTTPS-Only Mode.
 | **[`InstallAddonsPermission`](#installaddonspermission)** | Configure the default extension install policy as well as origins for extension installs are allowed.
 | **[`LegacyProfiles`](#legacyprofiles)** | Disable the feature enforcing a separate profile for each installation.
 | **[`LegacySameSiteCookieBehaviorEnabled`](#legacysamesitecookiebehaviorenabled)** | Enable default legacy SameSite cookie behavior setting.
 | **[`InstallAddonsPermission`](#installaddonspermission)** | Configure the default extension install policy as well as origins for extension installs are allowed.
 | **[`LegacyProfiles`](#legacyprofiles)** | Disable the feature enforcing a separate profile for each installation.
 | **[`LegacySameSiteCookieBehaviorEnabled`](#legacysamesitecookiebehaviorenabled)** | Enable default legacy SameSite cookie behavior setting.
@@ -100,6 +102,7 @@ Unfortunately, JSON files do not support comments, but you can add extra entries
 | **[`Permissions`](#permissions)** | Set permissions associated with camera, microphone, location, and notifications.
 | **[`PictureInPicture`](#pictureinpicture)** | Enable or disable Picture-in-Picture.
 | **[`PopupBlocking`](#popupblocking)** | Configure the default pop-up window policy as well as origins for which pop-up windows are allowed.
 | **[`Permissions`](#permissions)** | Set permissions associated with camera, microphone, location, and notifications.
 | **[`PictureInPicture`](#pictureinpicture)** | Enable or disable Picture-in-Picture.
 | **[`PopupBlocking`](#popupblocking)** | Configure the default pop-up window policy as well as origins for which pop-up windows are allowed.
+| **[`PostQuantumKeyAgreementEnabled`](#postquantumkeyagreementenabled)** | Enable post-quantum key agreement for TLS.
 | **[`Preferences`](#preferences)** | Set and lock preferences.
 | **[`PrimaryPassword`](#primarypassword)** | Require or prevent using a primary (formerly master) password.
 | **[`PrintingEnabled`](#printingenabled)** | Enable or disable printing.
 | **[`Preferences`](#preferences)** | Set and lock preferences.
 | **[`PrimaryPassword`](#primarypassword)** | Require or prevent using a primary (formerly master) password.
 | **[`PrintingEnabled`](#printingenabled)** | Enable or disable printing.
@@ -3535,6 +3538,92 @@ Value (string):
   }
 }
 ```
   }
 }
 ```
+### HttpAllowlist
+Configure site that will not be upgraded to HTTPS.
+
+The sites are specified as a list of origins.
+
+**Compatibility:** Firefox 127\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** N/A
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\HttpAllowlist\1 = "http://example.org"
+Software\Policies\Mozilla\Firefox\HttpAllowlist\2 = "http://example.edu"
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/HttpAllowlist 
+```
+Value (string):
+```
+<enabled/>
+<data id="List" value="1&#xF000;http://example.org&#xF000;2&#xF000;http://example.edu"/>
+```
+#### macOS
+```
+<dict>
+  <key>HttpAllowlist </key>
+  <array>
+    <string>http://example.org</string>
+    <string>http://example.edu</string>
+  </array>
+</dict>
+```
+#### policies.json
+```
+{
+  "policies": {
+    "HttpAllowlist ": ["http://example.org",
+                       "http://example.edu"]
+  }
+}
+```
+### HttpsOnlyMode
+Configure HTTPS-Only Mode.
+
+| Value | Description
+| --- | --- |
+| allowed | HTTPS-Only Mode is off by default, but the user can turn it on.
+| disallowed | HTTPS-Only Mode is off and the user can't turn it on.
+| enabled | HTTPS-Only Mode is on by default, but the user can turn it off.
+| force_enabled | HTTPS-Only Mode is on and the user can't turn it off.
+
+**Compatibility:** Firefox 127\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `dom.security.https_only_mode`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\HttpsOnlyMode = "allowed", "disallowed", "enabled", "force_enabled"
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/HttpsOnlyMode
+```
+Value (string):
+```
+<enabled/>
+<data id="HttpsOnlyMode" value="allowed | disallowed | enabled | force_enabled"/>
+```
+#### macOS
+```
+<dict>
+  <key>HttpsOnlyMode</key>
+  <string>allowed | disallowed | enabled| force_enabled</string>
+</dict>
+```
+#### policies.json
+```
+{
+  "policies": {
+    "HttpsOnlyMode": "allowed" | "disallowed" | "enabled" | "force_enabled"
+  }
+}
+```
 ### InstallAddonsPermission
 Configure the default extension install policy as well as origins for extension installs are allowed. This policy does not override turning off all extension installs.
 
 ### InstallAddonsPermission
 Configure the default extension install policy as well as origins for extension installs are allowed. This policy does not override turning off all extension installs.
 
@@ -4272,7 +4361,6 @@ Value (string):
   }
 }
 ```
   }
 }
 ```
-
 ### PDFjs
 Disable or configure PDF.js, the built-in PDF viewer.
 
 ### PDFjs
 Disable or configure PDF.js, the built-in PDF viewer.
 
@@ -4726,6 +4814,41 @@ Value (string):
   }
 }
 ```
   }
 }
 ```
+### PostQuantumKeyAgreementEnabled
+Enable post-quantum key agreement for TLS.
+
+**Compatibility:** Firefox 127\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `security.tls.enable_kyber`, `network.http.http3.enable_kyber` (Firefox 128)
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\PostQuantumKeyAgreementEnabled = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/PostQuantumKeyAgreementEnabled
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+  <key>PostQuantumKeyAgreementEnabled</key>
+  <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+  "policies": {
+    "PostQuantumKeyAgreementEnabled": true | false
+  }
+}
+```
 ### Preferences
 Set and lock preferences.
 
 ### Preferences
 Set and lock preferences.
 
@@ -6143,7 +6266,7 @@ Value (string):
 
 Prevent Firefox from messaging the user in certain situations.
 
 
 Prevent Firefox from messaging the user in certain situations.
 
-`WhatsNew` Remove the "What's New" icon and menuitem.
+`WhatsNew` Remove the "What's New" icon and menuitem. (*Deprecated*)
 
 `ExtensionRecommendations` If false, don't recommend extensions while the user is visiting web pages.
 
 
 `ExtensionRecommendations` If false, don't recommend extensions while the user is visiting web pages.
 
@@ -6159,11 +6282,10 @@ Prevent Firefox from messaging the user in certain situations.
 
 **Compatibility:** Firefox 75, Firefox ESR 68.7\
 **CCK2 Equivalent:** N/A\
 
 **Compatibility:** Firefox 75, Firefox ESR 68.7\
 **CCK2 Equivalent:** N/A\
-**Preferences Affected:** `browser.messaging-system.whatsNewPanel.enabled`, `browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons`, `browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features`, `browser.aboutwelcome.enabled`, `browser.preferences.moreFromMozilla`
+**Preferences Affected:** `browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons`, `browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features`, `browser.aboutwelcome.enabled`, `browser.preferences.moreFromMozilla`
 
 #### Windows (GPO)
 ```
 
 #### Windows (GPO)
 ```
-Software\Policies\Mozilla\Firefox\UserMessaging\WhatsNew = 0x1 | 0x0
 Software\Policies\Mozilla\Firefox\UserMessaging\ExtensionRecommendations = 0x1 | 0x0
 Software\Policies\Mozilla\Firefox\UserMessaging\FeatureRecommendations = 0x1 | 0x0
 Software\Policies\Mozilla\Firefox\UserMessaging\UrlbarInterventions = 0x1 | 0x0
 Software\Policies\Mozilla\Firefox\UserMessaging\ExtensionRecommendations = 0x1 | 0x0
 Software\Policies\Mozilla\Firefox\UserMessaging\FeatureRecommendations = 0x1 | 0x0
 Software\Policies\Mozilla\Firefox\UserMessaging\UrlbarInterventions = 0x1 | 0x0
@@ -6174,7 +6296,6 @@ Software\Policies\Mozilla\Firefox\UserMessaging\Locked = 0x1 | 0x0
 #### Windows (Intune)
 OMA-URI:
 ```
 #### Windows (Intune)
 OMA-URI:
 ```
-./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~UserMessaging/UserMessaging_WhatsNew
 ./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~UserMessaging/UserMessaging_ExtensionRecommendations
 ./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~UserMessaging/UserMessaging_FeatureRecommendations
 ./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~UserMessaging/UserMessaging_UrlbarInterventions
 ./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~UserMessaging/UserMessaging_ExtensionRecommendations
 ./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~UserMessaging/UserMessaging_FeatureRecommendations
 ./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~UserMessaging/UserMessaging_UrlbarInterventions
@@ -6191,8 +6312,6 @@ Value (string):
 <dict>
   <key>UserMessaging</key>
   <dict>
 <dict>
   <key>UserMessaging</key>
   <dict>
-    <key>WhatsNew</key>
-    <true/> | <false/>
     <key>ExtensionRecommendations</key>
     <true/> | <false/>
     <key>FeatureRecommendations</key>
     <key>ExtensionRecommendations</key>
     <true/> | <false/>
     <key>FeatureRecommendations</key>
@@ -6213,7 +6332,6 @@ Value (string):
 {
   "policies": {
     "UserMessaging": {
 {
   "policies": {
     "UserMessaging": {
-      "WhatsNew": true | false,
       "ExtensionRecommendations": true | false,
       "FeatureRecommendations": true | false,
       "UrlbarInterventions": true | false,
       "ExtensionRecommendations": true | false,
       "FeatureRecommendations": true | false,
       "UrlbarInterventions": true | false,

patrick-canterino.de