X-Git-Url: https://git.p6c8.net/policy-templates.git/blobdiff_plain/0b4215df332617e144b0e8fb50c5b5ecd76ea527..996c285a6814fc1931221c6d79540f31da858290:/docs/index.md diff --git a/docs/index.md b/docs/index.md index b793adc..8eaf0ab 100644 --- a/docs/index.md +++ b/docs/index.md @@ -120,6 +120,7 @@ Unfortunately, JSON files do not support comments, but you can add extra entries | **[`SSLVersionMin`](#sslversionmin)** | Set and lock the minimum version of TLS. | **[`StartDownloadsInTempDirectory`](#startdownloadsintempdirectory)** | Force downloads to start off in a local, temporary location rather than the default download directory. | **[`SupportMenu`](#supportmenu)** | Add a menuitem to the help menu for specifying support information. +| **[`TranslateEnabled`](#translateenabled)** | Enable or disable webpage translation. | **[`UserMessaging`](#usermessaging)** | Don't show certain messages to the user. | **[`UseSystemPrintDialog`](#usesystemprintdialog)** | Print using the system print dialog instead of print preview. | **[`WebsiteFilter`](#websitefilter)** | Block websites from being visited. @@ -127,7 +128,7 @@ Unfortunately, JSON files do not support comments, but you can add extra entries ### 3rdparty -Allow WebExtensions to configure policy. For more information, see [Adding policy support to your extension](https://extensionworkshop.com/documentation/enterprise/adding-policy-support-to-your-extension/). +Allow WebExtensions to configure policy. For more information, see [Adding policy support to your extension](https://extensionworkshop.com/documentation/enterprise/enterprise-development/#how-to-add-policy). For GPO and Intune, the extension developer should provide an ADMX file. @@ -1221,6 +1222,14 @@ Configure cookie preferences. `Locked` prevents the user from changing cookie preferences. +`Default` determines whether cookies are accepted at all. (*Deprecated*. Use `Behavior` instead) + +`AcceptThirdParty` determines how third-party cookies are handled. (*Deprecated*. Use `Behavior` instead) + +`RejectTracker` only rejects cookies for trackers. (*Deprecated*. Use `Behavior` instead) + +`ExpireAtSessionEnd` determines when cookies expire. (*Deprecated*. Use [`SanitizeOnShutdown`](#sanitizeonshutdown-selective) instead) + **Compatibility:** Firefox 60, Firefox ESR 60 (RejectTracker added in Firefox 63, AllowSession added in Firefox 79/78.1, Behavior added in Firefox 95/91.4)\ **CCK2 Equivalent:** N/A\ **Preferences Affected:** `network.cookie.cookieBehavior`, `network.cookie.cookieBehavior.pbmode`, `network.cookie.lifetimePolicy` @@ -1230,10 +1239,6 @@ Configure cookie preferences. Software\Policies\Mozilla\Firefox\Cookies\Allow\1 = "https://example.com" Software\Policies\Mozilla\Firefox\Cookies\AllowSession\1 = "https://example.edu" Software\Policies\Mozilla\Firefox\Cookies\Block\1 = "https://example.org" -Software\Policies\Mozilla\Firefox\Cookies\Default = 0x1 | 0x0 -Software\Policies\Mozilla\Firefox\Cookies\AcceptThirdParty = "always" | "never" | "from-visited" -Software\Policies\Mozilla\Firefox\Cookies\ExpireAtSessionEnd = 0x1 | 0x0 -Software\Policies\Mozilla\Firefox\Cookies\RejectTracker = 0x1 | 0x0 Software\Policies\Mozilla\Firefox\Cookies\Behavior = "accept" | "reject-foreign" | "reject" | "limit-foreign" | "reject-tracker" | "reject-tracker-and-partition-foreign" Software\Policies\Mozilla\Firefox\Cookies\BehaviorPrivateBrowsing = "accept" | "reject-foreign" | "reject" | "limit-foreign" | "reject-tracker" | "reject-tracker-and-partition-foreign" Software\Policies\Mozilla\Firefox\Cookies\Locked = 0x1 | 0x0 @@ -1268,39 +1273,6 @@ Value (string): ``` OMA-URI: ``` -./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Cookies/Cookies_Default -``` -Value (string): -``` - or -``` -OMA-URI: -``` -./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Cookies/Cookies_AcceptThirdParty -``` -Value (string): -``` - - -``` -OMA-URI: -``` -./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Cookies/Cookies_ExpireAtSessionEnd -``` -Value (string): -``` - or -``` -OMA-URI: -``` -./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Cookies/Cookies_RejectTracker -``` -Value (string): -``` - or -``` -OMA-URI: -``` ./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Cookies/Cookies_Locked ``` Value (string): @@ -1342,14 +1314,6 @@ Value (string): http://example.org - Default - | - AcceptThirdParty - always | never | from-visited - ExpireAtSessionEnd - | - RejectTracker - | Locked | Behavior @@ -1367,10 +1331,6 @@ Value (string): "Allow": ["http://example.org/"], "AllowSession": ["http://example.edu/"], "Block": ["http://example.edu/"], - "Default": true | false, - "AcceptThirdParty": "always" | "never" | "from-visited", - "ExpireAtSessionEnd": true | false, - "RejectTracker": true | false, "Locked": true | false, "Behavior": "accept" | "reject-foreign" | "reject" | "limit-foreign" | "reject-tracker" | "reject-tracker-and-partition-foreign", "BehaviorPrivateBrowsing": "accept" | "reject-foreign" | "reject" | "limit-foreign" | "reject-tracker" | "reject-tracker-and-partition-foreign", @@ -1738,7 +1698,7 @@ Disable Firefox studies (Shield). **Compatibility:** Firefox 60, Firefox ESR 60\ **CCK2 Equivalent:** N/A\ -**Preferences Affected:** N/A +**Preferences Affected:** `browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons`, `browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features` #### Windows (GPO) ``` @@ -3548,7 +3508,7 @@ Configure the default extension install policy as well as origins for extension **Compatibility:** Firefox 60, Firefox ESR 60\ **CCK2 Equivalent:** `permissions.install`\ -**Preferences Affected:** `xpinstall.enabled` +**Preferences Affected:** `xpinstall.enabled`, `browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons`, `browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features` #### Windows (GPO) ``` @@ -4760,6 +4720,9 @@ pdfjs. (Firefox 84, Firefox ESR 78.6) places. pref. print. +privacy.globalprivacycontrol.enabled (Firefox 127, Firefox ESR 128.0) +privacy.userContext.enabled (Firefox 126, Firefox ESR 115.11) +privacy.userContext.ui.enabled (Firefox 126, Firefox ESR 115.11) signon. (Firefox 83, Firefox ESR 78.5) spellchecker. (Firefox 84, Firefox ESR 78.6) toolkit.legacyUserProfileCustomizations.stylesheets (Firefox 95, Firefox ESR 91.4) @@ -4783,7 +4746,11 @@ as well as the following security preferences: | security.insecure_connection_text.pbmode.enabled | bool | false |     If set to true, adds the words "Not Secure" for insecure sites in private browsing. | security.mixed_content.block_active_content | boolean | true -|     If false, mixed active content (HTTP and HTTPS) is not blocked. +|     If set to true, mixed active content (HTTP subresources such as scripts, fetch requests, etc. on a HTTPS page) will be blocked. +| security.mixed_content.block_display_content | boolean | false +|     If set to true, mixed passive/display content (HTTP subresources such as images, videos, etc. on a HTTPS page) will be blocked. (Firefox 127, Firefox ESR 128.0) +| security.mixed_content.upgrade_display_content | boolean | true +|     If set to true, mixed passive/display content (HTTP subresources such as images, videos, etc. on a HTTPS page) will be upgraded to HTTPS. (Firefox 127, Firefox ESR 128.0) | security.osclientcerts.autoload | boolean | false |     If true, client certificates are loaded from the operating system certificate store. | security.OCSP.enabled | integer | 1 @@ -6012,6 +5979,40 @@ Value (string): } } ``` +### StartDownloadsInTempDirectory +Force downloads to start off in a local, temporary location rather than the default download directory. + +**Compatibility:** Firefox 102\ +**CCK2 Equivalent:** N/A\ +**Preferences Affected:** `browser.download.start_downloads_in_tmp_dir` + +#### Windows (GPO) +``` +Software\Policies\Mozilla\Firefox\StartDownloadsInTempDirectory = 0x1 | 0x0 +``` +#### Windows (Intune) +OMA-URI: +``` +./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/StartDownloadsInTempDirectory +``` +Value (string): +``` + or +``` +#### macOS +``` + + StartDownloadsInTempDirectory + | + +``` +#### policies.json +``` +{ + "policies": { + "StartDownloadsInTempDirectory": true | false +} +``` ### SupportMenu Add a menuitem to the help menu for specifying support information. @@ -6063,21 +6064,25 @@ Value (string): } } ``` -### StartDownloadsInTempDirectory -Force downloads to start off in a local, temporary location rather than the default download directory. +### TranslateEnabled +Enable or disable webpage translation. -**Compatibility:** Firefox 102\ +Note: Web page translation is done completely on the client, so there is no data or privacy risk. + +If you only want to disable the popup, you can set the pref `browser.translations.automaticallyPopup` to false using the [Preferences](#preferences) policy. + +**Compatibility:** Firefox 126\ **CCK2 Equivalent:** N/A\ -**Preferences Affected:** `browser.download.start_downloads_in_tmp_dir` +**Preferences Affected:** `browser.translations.enable` #### Windows (GPO) ``` -Software\Policies\Mozilla\Firefox\StartDownloadsInTempDirectory = 0x1 | 0x0 +Software\Policies\Mozilla\Firefox\TranslateEnabled = 0x1 | 0x0 ``` #### Windows (Intune) OMA-URI: ``` -./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/StartDownloadsInTempDirectory +./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/TranslateEnabled ``` Value (string): ``` @@ -6086,7 +6091,7 @@ Value (string): #### macOS ``` - StartDownloadsInTempDirectory + TranslateEnabled | ``` @@ -6094,7 +6099,8 @@ Value (string): ``` { "policies": { - "StartDownloadsInTempDirectory": true | false + "TranslateEnabled": true | false + } } ``` ### UserMessaging