]> git.p6c8.net - policy-templates.git/blobdiff - docs/index.md
Add documentation for Mixed Content Level 2 and GPC prefs
[policy-templates.git] / docs / index.md
index 829af1f07c38ec823ca3842d6d2db43d708830a1..277ee14f36c00f89a91604c7bc7d8738f96e24ee 100644 (file)
@@ -120,6 +120,7 @@ Unfortunately, JSON files do not support comments, but you can add extra entries
 | **[`SSLVersionMin`](#sslversionmin)** | Set and lock the minimum version of TLS.
 | **[`StartDownloadsInTempDirectory`](#startdownloadsintempdirectory)** | Force downloads to start off in a local, temporary location rather than the default download directory.
 | **[`SupportMenu`](#supportmenu)** | Add a menuitem to the help menu for specifying support information.
+| **[`TranslateEnabled`](#translateenabled)** | Enable or disable webpage translation.
 | **[`UserMessaging`](#usermessaging)** | Don't show certain messages to the user.
 | **[`UseSystemPrintDialog`](#usesystemprintdialog)** | Print using the system print dialog instead of print preview.
 | **[`WebsiteFilter`](#websitefilter)** | Block websites from being visited.
@@ -127,7 +128,7 @@ Unfortunately, JSON files do not support comments, but you can add extra entries
 
 ### 3rdparty
 
-Allow WebExtensions to configure policy. For more information, see [Adding policy support to your extension](https://extensionworkshop.com/documentation/enterprise/adding-policy-support-to-your-extension/).
+Allow WebExtensions to configure policy. For more information, see [Adding policy support to your extension](https://extensionworkshop.com/documentation/enterprise/enterprise-development/#how-to-add-policy).
 
 For GPO and Intune, the extension developer should provide an ADMX file.
 
@@ -1221,6 +1222,14 @@ Configure cookie preferences.
 
 `Locked` prevents the user from changing cookie preferences.
 
+`Default` determines whether cookies are accepted at all. (*Deprecated*. Use `Behavior` instead)
+
+`AcceptThirdParty` determines how third-party cookies are handled. (*Deprecated*. Use `Behavior` instead)
+
+`RejectTracker` only rejects cookies for trackers. (*Deprecated*. Use `Behavior` instead)
+
+`ExpireAtSessionEnd` determines when cookies expire. (*Deprecated*. Use [`SanitizeOnShutdown`](#sanitizeonshutdown-selective) instead)
+
 **Compatibility:** Firefox 60, Firefox ESR 60 (RejectTracker added in Firefox 63, AllowSession added in Firefox 79/78.1, Behavior added in Firefox 95/91.4)\
 **CCK2 Equivalent:** N/A\
 **Preferences Affected:** `network.cookie.cookieBehavior`, `network.cookie.cookieBehavior.pbmode`, `network.cookie.lifetimePolicy`
@@ -1230,10 +1239,6 @@ Configure cookie preferences.
 Software\Policies\Mozilla\Firefox\Cookies\Allow\1 = "https://example.com"
 Software\Policies\Mozilla\Firefox\Cookies\AllowSession\1 = "https://example.edu"
 Software\Policies\Mozilla\Firefox\Cookies\Block\1 = "https://example.org"
-Software\Policies\Mozilla\Firefox\Cookies\Default = 0x1 | 0x0
-Software\Policies\Mozilla\Firefox\Cookies\AcceptThirdParty = "always" | "never" | "from-visited"
-Software\Policies\Mozilla\Firefox\Cookies\ExpireAtSessionEnd = 0x1 | 0x0
-Software\Policies\Mozilla\Firefox\Cookies\RejectTracker = 0x1 | 0x0
 Software\Policies\Mozilla\Firefox\Cookies\Behavior = "accept" | "reject-foreign" | "reject" | "limit-foreign" | "reject-tracker" | "reject-tracker-and-partition-foreign"
 Software\Policies\Mozilla\Firefox\Cookies\BehaviorPrivateBrowsing = "accept" | "reject-foreign" | "reject" | "limit-foreign" | "reject-tracker" | "reject-tracker-and-partition-foreign"
 Software\Policies\Mozilla\Firefox\Cookies\Locked = 0x1 | 0x0
@@ -1268,39 +1273,6 @@ Value (string):
 ```
 OMA-URI:
 ```
-./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Cookies/Cookies_Default
-```
-Value (string):
-```
-<enabled/> or <disabled/>
-```
-OMA-URI:
-```
-./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Cookies/Cookies_AcceptThirdParty
-```
-Value (string):
-```
-<enabled/>
-<data id="Cookies_AcceptThirdParty" value="always | never | from-visited"/>
-```
-OMA-URI:
-```
-./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Cookies/Cookies_ExpireAtSessionEnd
-```
-Value (string):
-```
-<enabled/> or <disabled/>
-```
-OMA-URI:
-```
-./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Cookies/Cookies_RejectTracker
-```
-Value (string):
-```
-<enabled/> or <disabled/>
-```
-OMA-URI:
-```
 ./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Cookies/Cookies_Locked
 ```
 Value (string):
@@ -1342,14 +1314,6 @@ Value (string):
     <array>
       <string>http://example.org</string>
     </array>
-    <key>Default</key>
-    <true/> | <false/>
-    <key>AcceptThirdParty</key>
-    <string>always | never | from-visited</string>
-    <key>ExpireAtSessionEnd</key>
-    <true/> | <false/>
-    <key>RejectTracker</key>
-    <true/> | <false/>
     <key>Locked</key>
     <true/> | <false/>
     <key>Behavior</key>
@@ -1367,10 +1331,6 @@ Value (string):
       "Allow": ["http://example.org/"],
       "AllowSession": ["http://example.edu/"],
       "Block": ["http://example.edu/"],
-      "Default": true | false,
-      "AcceptThirdParty": "always" | "never" | "from-visited",
-      "ExpireAtSessionEnd": true | false,
-      "RejectTracker": true | false,
       "Locked": true | false,
       "Behavior": "accept" | "reject-foreign" | "reject" | "limit-foreign" | "reject-tracker" | "reject-tracker-and-partition-foreign",
       "BehaviorPrivateBrowsing": "accept" | "reject-foreign" | "reject" | "limit-foreign" | "reject-tracker" | "reject-tracker-and-partition-foreign",
@@ -4759,6 +4719,7 @@ pdfjs. (Firefox 84, Firefox ESR 78.6)
 places.
 pref.
 print.
+privacy.globalprivacycontrol.enabled (Firefox 127, Firefox ESR 128.0)
 privacy.userContext.enabled (Firefox 126, Firefox ESR 115.11)
 privacy.userContext.ui.enabled (Firefox 126, Firefox ESR 115.11)
 signon. (Firefox 83, Firefox ESR 78.5)
@@ -4784,7 +4745,11 @@ as well as the following security preferences:
 | security.insecure_connection_text.pbmode.enabled | bool | false
 | &nbsp;&nbsp;&nbsp;&nbsp;If set to true, adds the words "Not Secure" for insecure sites in private browsing.
 | security.mixed_content.block_active_content | boolean | true
-| &nbsp;&nbsp;&nbsp;&nbsp;If false, mixed active content (HTTP and HTTPS) is not blocked.
+| &nbsp;&nbsp;&nbsp;&nbsp;If set to true, mixed active content (HTTP subresources such as scripts, fetch requests, etc. on a HTTPS page) will be blocked.
+| security.mixed_content.block_display_content | boolean | false
+| &nbsp;&nbsp;&nbsp;&nbsp;If set to true, mixed passive/display content (HTTP subresources such as images, videos, etc. on a HTTPS page) will be blocked. (Firefox 127, Firefox ESR 128.0)
+| security.mixed_content.upgrade_display_content | boolean | true
+| &nbsp;&nbsp;&nbsp;&nbsp;If set to true, mixed passive/display content (HTTP subresources such as images, videos, etc. on a HTTPS page) will be upgraded to HTTPS. (Firefox 127, Firefox ESR 128.0)
 | security.osclientcerts.autoload | boolean | false
 | &nbsp;&nbsp;&nbsp;&nbsp;If true, client certificates are loaded from the operating system certificate store.
 | security.OCSP.enabled | integer | 1
@@ -6013,6 +5978,40 @@ Value (string):
   }
 }
 ```
+### StartDownloadsInTempDirectory
+Force downloads to start off in a local, temporary location rather than the default download directory.
+
+**Compatibility:** Firefox 102\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `browser.download.start_downloads_in_tmp_dir`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\StartDownloadsInTempDirectory = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/StartDownloadsInTempDirectory
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+  <key>StartDownloadsInTempDirectory</key>
+  <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+  "policies": {
+    "StartDownloadsInTempDirectory": true | false
+}
+```
 ### SupportMenu
 Add a menuitem to the help menu for specifying support information.
 
@@ -6064,21 +6063,25 @@ Value (string):
   }
 }
 ```
-### StartDownloadsInTempDirectory
-Force downloads to start off in a local, temporary location rather than the default download directory.
+### TranslateEnabled
+Enable or disable webpage translation.
 
-**Compatibility:** Firefox 102\
+Note: Web page translation is done completely on the client, so there is no data or privacy risk.
+
+If you only want to disable the popup, you can set the pref `browser.translations.automaticallyPopup` to false using the [Preferences](#preferences) policy.
+
+**Compatibility:** Firefox 126\
 **CCK2 Equivalent:** N/A\
-**Preferences Affected:** `browser.download.start_downloads_in_tmp_dir`
+**Preferences Affected:** `browser.translations.enable`
 
 #### Windows (GPO)
 ```
-Software\Policies\Mozilla\Firefox\StartDownloadsInTempDirectory = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\TranslateEnabled = 0x1 | 0x0
 ```
 #### Windows (Intune)
 OMA-URI:
 ```
-./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/StartDownloadsInTempDirectory
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/TranslateEnabled
 ```
 Value (string):
 ```
@@ -6087,7 +6090,7 @@ Value (string):
 #### macOS
 ```
 <dict>
-  <key>StartDownloadsInTempDirectory</key>
+  <key>TranslateEnabled</key>
   <true/> | <false/>
 </dict>
 ```
@@ -6095,7 +6098,8 @@ Value (string):
 ```
 {
   "policies": {
-    "StartDownloadsInTempDirectory": true | false
+    "TranslateEnabled": true | false
+  }
 }
 ```
 ### UserMessaging

patrick-canterino.de