| **[`PrivateBrowsingModeAvailability`](#privatebrowsingmodeavailability)** | Set availability of private browsing mode.
| **[`PromptForDownloadLocation`](#promptfordownloadlocation)** | Ask where to save each file before downloading.
| **[`Proxy`](#proxy)** | Configure proxy settings.
-| **[`RequestedLocales`](#requestedlocales)** | Set the the list of requested locales for the application in order of preference.
+| **[`RequestedLocales`](#requestedlocales)** | Set the list of requested locales for the application in order of preference.
| **[`SanitizeOnShutdown` (All)](#sanitizeonshutdown-all)** | Clear all data on shutdown.
| **[`SanitizeOnShutdown` (Selective)](#sanitizeonshutdown-selective)** | Clear data on shutdown.
| **[`SearchBar`](#searchbar)** | Set whether or not search bar is displayed.
| **[`TranslateEnabled`](#translateenabled)** | Enable or disable webpage translation.
| **[`UserMessaging`](#usermessaging)** | Don't show certain messages to the user.
| **[`UseSystemPrintDialog`](#usesystemprintdialog)** | Print using the system print dialog instead of print preview.
+| **[`VisualSearchEnabled`](#visualsearchenabled)** | Enable or disable visual search.
| **[`WebsiteFilter`](#websitefilter)** | Block websites from being visited.
| **[`WindowsSSO`](#windowssso)** | Allow Windows single sign-on for Microsoft, work, and school accounts.
* `PlainTextOnly` indicates whether to only analyze the text/plain format on the clipboard. If this
value is false, all formats will be analyzed, which some DLP agents may not expect. Regardless of
this value, files will be analyzed as usual. The default is true.
+* The `Download` entry controls download operations. (Added in Firefox 142, Firefox ESR 140.2)
+ * `Enabled` indicates whether download operations should use DLP. The default is false.
* The `DragAndDrop` entry controls drag and drop operations for files and text.
* `Enabled` indicates whether drag and drop operations should use DLP. The default is true.
* `PlainTextOnly` indicates whether to only analyze the text/plain format in what is being dropped.
**Compatibility:** Firefox 137\
**CCK2 Equivalent:** N/A\
-**Preferences Affected:** `browser.contentanalysis.agent_name`, `browser.contentanalysis.agent_timeout`, `browser.contentanalysis.allow_url_regex_list`, `browser.contentanalysis.bypass_for_same_tab_operations`, `browser.contentanalysis.client_signature`, `browser.contentanalysis.default_result`, `browser.contentanalysis.deny_url_regex_list`, `browser.contentanalysis.enabled`, `browser.contentanalysis.interception_point.clipboard.enabled`, `browser.contentanalysis.interception_point.clipboard.plain_text_only`, `browser.contentanalysis.interception_point.drag_and_drop.enabled`, `browser.contentanalysis.interception_point.drag_and_drop.plain_text_only`, `browser.contentanalysis.interception_point.file_upload.enabled`, `browser.contentanalysis.interception_point.print.enabled`, `browser.contentanalysis.is_per_user`, `browser.contentanalysis.pipe_path_name`, `browser.contentanalysis.show_blocked_result`, `browser.contentanalysis.timeout_result`
+**Preferences Affected:** `browser.contentanalysis.agent_name`, `browser.contentanalysis.agent_timeout`, `browser.contentanalysis.allow_url_regex_list`, `browser.contentanalysis.bypass_for_same_tab_operations`, `browser.contentanalysis.client_signature`, `browser.contentanalysis.default_result`, `browser.contentanalysis.deny_url_regex_list`, `browser.contentanalysis.enabled`, `browser.contentanalysis.interception_point.clipboard.enabled`, `browser.contentanalysis.interception_point.clipboard.plain_text_only`, `browser.contentanalysis.interception_point.download.enabled`, `browser.contentanalysis.interception_point.drag_and_drop.enabled`, `browser.contentanalysis.interception_point.drag_and_drop.plain_text_only`, `browser.contentanalysis.interception_point.file_upload.enabled`, `browser.contentanalysis.interception_point.print.enabled`, `browser.contentanalysis.is_per_user`, `browser.contentanalysis.pipe_path_name`, `browser.contentanalysis.show_blocked_result`, `browser.contentanalysis.timeout_result`
#### Windows (GPO)
```
Software\Policies\Mozilla\Firefox\ContentAnalysis\Enabled = 0x1 | 0x0
Software\Policies\Mozilla\Firefox\ContentAnalysis\InterceptionPoints\Clipboard\Enabled = 0x1 | 0x0
Software\Policies\Mozilla\Firefox\ContentAnalysis\InterceptionPoints\Clipboard\PlainTextOnly = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\ContentAnalysis\InterceptionPoints\Download\Enabled = 0x0 | 0x1
Software\Policies\Mozilla\Firefox\ContentAnalysis\InterceptionPoints\DragAndDrop\Enabled = 0x1 | 0x0
Software\Policies\Mozilla\Firefox\ContentAnalysis\InterceptionPoints\DragAndDrop\PlainTextOnly = 0x1 | 0x0
Software\Policies\Mozilla\Firefox\ContentAnalysis\InterceptionPoints\FileUpload\Enabled = 0x1 | 0x0
```
OMA-URI:
```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~ContentAnalysis~InterceptionPoints/ContentAnalysis_InterceptionPoints_Download_Enabled
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+OMA-URI:
+```
./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~ContentAnalysis~InterceptionPoints~DragAndDrop/ContentAnalysis_InterceptionPoints_DragAndDrop
```
Value (string):
"Enabled": true | false,
"PlainTextOnly": true | false
},
+ "Download": {
+ "Enabled": false | true,
+ },
"DragAndDrop": {
"Enabled": true | false,
"PlainTextOnly": true | false
`Exceptions` are origins for which tracking protection is not enabled.
-`Category` can be either ```strict``` or ```standard```. If category is set, it overrides all other settings except `Exceptions` and the user cannot change the category.
+`Category` can be either ```strict``` or ```standard```. If category is set, it overrides all other settings except `Exceptions` and the user cannot change the category. (Firefox 142, Firefox ESR 140.2)
**Compatibility:** Firefox 60, Firefox ESR 60 (Cryptomining and Fingerprinting added in 70/68.2, Exceptions added in 73/68.5. Category added in Firefox 142/140.2.)\
**CCK2 Equivalent:** N/A\
### Extensions
Control the installation, uninstallation and locking of extensions.
-We strongly recommend that you use the **[`ExtensionSettings`](#extensionsettings)** policy. It has the same functionality and adds more. It does not support native paths, though, so you'll have to use file:/// URLs.
+Note: The **[`ExtensionSettings`](#extensionsettings)** policy was added in Firefox 69. It provides additional functionality and is closer in compatibility to Chrome and Edge. It does not support native paths, though, so you'll have to use file:/// URLs. I'd recommend trying it before using this policy. Any future improvements will happen in that policy.
-This method will be deprecated in the near future.
+We will not, however, be removing this policy.
`Install` is a list of URLs or native paths for extensions to be installed.
| `install_url`| Maps to a URL indicating where Firefox can download a force_installed or normal_installed extension. If installing from the local file system, use a [```file:///``` URL](https://en.wikipedia.org/wiki/File_URI_scheme). If installing from the addons.mozilla.org, use the following URL (substituting ID with the extension ID or with the short name from the URL on AMO), https://addons.mozilla.org/firefox/downloads/latest/ID/latest.xpi. Languages packs are available from https://releases.mozilla.org/pub/firefox/releases/VERSION/PLATFORM/xpi/LANGUAGE.xpi. If you need to update the extension, you can change the name of the extension and it will be automatically updated. Extensions installed from file URLs will additional be updated when their internal version changes.
| `install_sources` | A list of sources from which installing extensions is allowed using URL match patterns. **This is unnecessary if you are only allowing the installation of certain extensions by ID.** Each item in this list is an extension-style match pattern. Users will be able to easily install items from any URL that matches an item in this list. Both the location of the *.xpi file and the page where the download is started from (i.e. the referrer) must be allowed by these patterns. This setting can be used only for the default configuration.
| `allowed_types` | This setting whitelists the allowed types of extension/apps that can be installed in Firefox. The value is a list of strings, each of which should be one of the following: "extension", "theme", "dictionary", "locale" This setting can be used only for the default configuration.
-| `blocked_install_message` | This maps to a string specifying the error message to display to users if they're blocked from installing an extension. This setting allows you to append text to the generic error message displayed when the extension is blocked. This could be be used to direct users to your help desk, explain why a particular extension is blocked, or something else. This setting can be used only for the default configuration.
+| `blocked_install_message` | This maps to a string specifying the error message to display to users if they're blocked from installing an extension. This setting allows you to append text to the generic error message displayed when the extension is blocked. This could be used to direct users to your help desk, explain why a particular extension is blocked, or something else. This setting can be used only for the default configuration.
| `restricted_domains` | An array of domains on which content scripts can't be run. This setting can be used only for the default configuration.
| `updates_disabled` | (Firefox 89, Firefox ESR 78.11) Boolean that indicates whether or not to disable automatic updates for an individual extension.
| `default_area` | (Firefox 113) String that indicates where to place the extension icon by default. Possible values are `navbar` and `menupanel`.
`Additional` allows for more than one homepage.
-`StartPage` is how Firefox starts. The choices are no homepage, the default homepage or the previous session.
+`StartPage` is how Firefox starts.
-With Firefox 78, an additional option as added for `Startpage`, `homepage-locked`. If this is value is set for the Startpage, the user will always get the homepage at startup and cannot choose to restore their session.
+| Value | Description
+|-------------------|-----------------------------------------------------------------------------
+| `none` | Start with a blank page (no homepage, no previous session).
+| `homepage` | Start with the homepage in `URL` policy.
+| `previous-session`| Restore the previous session (all tabs and windows reopen).
+| `homepage-locked` | Always force the homepage at startup, users cannot choose session restore. (Firefox 78)
**Compatibility:** Firefox 60, Firefox ESR 60 (StartPage was added in Firefox 60, Firefox ESR 60.4, homepage-locked added in Firefox 78)\
**CCK2 Equivalent:** `homePage`,`lockHomePage`\
```
#### Windows (Intune)
**Note**
-These setttings were moved to a category to make them easier to configure via Intune.
+These settings were moved to a category to make them easier to configure via Intune.
OMA-URI:
```
}
```
### RequestedLocales
-Set the the list of requested locales for the application in order of preference. It will cause the corresponding language pack to become active.
+Set the list of requested locales for the application in order of preference. It will cause the corresponding language pack to become active.
Note: For Firefox 68, this can now be a string so that you can specify an empty value.
}
}
```
+### VisualSearchEnabled
+Enable or disable visual search.
+
+**Compatibility:** Firefox 144\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `browser.search.visualSearch.featureGate`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\VisualSearchEnabled = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/VisualSearchEnabled
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+ <key>VisualSearchEnabled</key>
+ <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+ "policies": {
+ "VisualSearchEnabled": true | false
+ }
+}
+```
### WebsiteFilter
Block websites from being visited. The parameters take an array of Match Patterns, as documented in https://developer.mozilla.org/en-US/Add-ons/WebExtensions/Match_patterns.
The arrays are limited to 1000 entries each.
git.p6c8.net / policy-templates.git / blobdiff