X-Git-Url: https://git.p6c8.net/policy-templates.git/blobdiff_plain/28a00d3f3f5632cf479bcd69ab883ad5bd67f2f1..b8afdc9ec05626ebe06e721d95e8328f8ba738d5:/windows/en-US/firefox.adml?ds=inline diff --git a/windows/en-US/firefox.adml b/windows/en-US/firefox.adml index 0422808..caeaade 100644 --- a/windows/en-US/firefox.adml +++ b/windows/en-US/firefox.adml @@ -1,5 +1,5 @@ - + @@ -15,14 +15,27 @@ Firefox 68 or later, Firefox 68 ESR or later Firefox 68.0.1 or later, Firefox 68.0.1 ESR or later Firefox 60 ESR or later + Firefox 68.5 ESR or later Firefox 69 or later, Firefox 68.1 ESR or later Firefox 70 or later, Firefox 68.2 ESR or later + Firefox 71 or later, Firefox 68.3 ESR or later + Firefox 72 or later, Firefox 68.4 ESR or later + Firefox 73 or later, Firefox 68.5 ESR or later + Firefox 74 or later, Firefox 68.6 ESR or later + Firefox 75 or later, Firefox 68.7 ESR or later + Firefox 75 or later + Firefox 76 or later, Firefox 68.8 ESR or later + Firefox 76 or later + Firefox 77 or later, Firefox 68.9 ESR or later + Firefox 77 or later + Firefox 78 or later Firefox Permissions Camera Microphone Location Notifications + Autoplay Authentication Bookmarks Certificates @@ -34,8 +47,18 @@ Home page Search Preferences + User Messaging + Disabled Ciphers + Encrypted Media Extensions + PDFjs Allowed Sites Blocked Sites + Application Autoupdate + If this policy is enabled, Firefox is automatically updated without user approval. + +If this policy is disabled, Firefox updates are downloaded but the user can choose when to install the update. + +If this policy is not configured, the user can choose whether not Firefox is automatically updated. Custom Update URL If this policy is enabled, you can set a URL to an update server other than the default. This could be helpful if you run your own update server on your network. @@ -63,9 +86,17 @@ For more information, see https://developer.mozilla.org/en-US/docs/Mozilla/Integ If this policy is disabled or not configured, NTLM and SPNEGO are not enabled on non FQDNs. Allow Proxies - If this disabled, SPNEGO and NTLM will not authenticate with proxy servers. + If this policy is disabled, SPNEGO and NTLM will not authenticate with proxy servers. If this policy is enabled (and the checkboxes are checked) or not configured, NTLM and SPNEGO will always authenticate with proxies. + Do not allow authentication preferences to be changed + If this policy is disabled, authentication preferences can be changed by the user. + +If this policy is enabled or not configured, authentication preferences cannot be changed by the user. + Allow authentication in private browsing + If this policy is enabled, integrated authentication is used in private browsing. + +If this policy is disabled or not configured, integrated authentication is not used in private browsing. Block Add-ons Manager If this policy is enabled, the user cannot access the Add-ons Manager or about:addons. @@ -106,7 +137,25 @@ If this policy is disabled or not configured, the default Firefox download direc If this policy is enabled, you can set and lock the directory for downloads. ${home} can be used for the native home path. If this policy is disabled or not configured, the default Firefox download directory is used and the user can change it. - Configure DNS Over HTTPS + DNS Over HTTPS + Enabled + If this policy is disabled, DNS over HTTPS is disabled. + +If this policy is enabled or not configured, DNS Over HTTPS is enabled. + Provider URL + If this policy is enabled, the URL specified is used as the provider URL. + +If this policy is disabled or not configured, the default provider is used. + + Locked + If this policy is enabled, DNS over HTTPS settings cannot be changed by the user. + +If this policy is disabled or not configured, DNS over HTTPS settings can be changed by the user. + Excluded Domains + If this policy is enabled, the specified domains are excluded from DNS over HTTPS. + +If this policy is disabled or not configured, no domains are excluded from DNS over HTTPS. + Configure DNS Over HTTPS (Moved) If this policy is enabled, the default configuration for DNS over HTTPS can be changed. If this policy is disabled or not configured, DNS Over HTTPS uses the default Firefox configuration. @@ -122,6 +171,12 @@ If this policy is disabled or not configured, the browser receives updates.If this policy is enabled, PDF files are not viewed within Firefox. If this policy is disabled or not configured, PDF files are viewed within Firefox. + Disable the default browser agent. + If this policy is enabled, the default browser agent is disabled. + +If this policy is disabled or not configured, the default browser agent is enabled. + +For more information about the default browser agent, see https://firefox-source-docs.mozilla.org/toolkit/mozapps/defaultagent/default-browser-agent/index.html Disable Developer Tools If this policy is enabled, web developer tools are not available within Firefox. @@ -152,6 +207,10 @@ If this policy is disabled or not configured, the "Forget" button is a If this policy is enabled, Firefox will not remember form or search history. If this policy is disabled or not configured, Firefox will remember form and search history. + Do not allow passwords to be revealed in saved logins + If this policy is enabled, users cannot show passwords in saved logins. + +If this policy is disabled or not configured, users can show passwords in saved logins. Disable Pocket If this policy is enabled, Pocket is not available. @@ -194,10 +253,18 @@ Mozilla recommends that you do not disable telemetry. Information collected thro If this policy is enabled, the bookmarks toolbar is displayed by default. The user can still hide it. If this policy is disabled or not configured, the bookmarks toolbar is not displayed by default. - Display Menu Bar + Display Menu Bar (Deprecated) If this policy is enabled, the menu bar is displayed by default. The user can still hide it. If this policy is disabled or not configured, the menu bar is not displayed by default. + Display Menu Bar + If this policy is enabled, you can choose whether or not the menu bar is displayed and whether or not the user can show and hide the menu bar. + +If this policy is disabled or not configured, the menu bar is not displayed by default. + Always + Never + On by default + Off by default Don't Check Default Browser If this policy is enabled, Firefox does not check to see if it is the default browser at startup. @@ -359,6 +426,25 @@ If this policy is disabled or not configured, any site that is not in the Block If this policy is enabled, notification preferences cannot be changed by the user. If this policy is disabled or not configured, the user can change their notification preferences. + If this policy is enabled, autoplay is always enabled for the origins indicated. + +If this policy is disabled or not configured, the default autoplay policy is followed. + If this policy is enabled, autoplay is always blocked for the origins indicated. + +If this policy is disabled or not configured, the default autoplay policy is followed. + Default autoplay level + If this policy is enabled, you can choose the default autoplay level. + +If this policy is disabled or not configured, audio is blocked by default. + +Note: Blocking audio and video does not work on the ESR. + Do not allow preferences to be changed + If this policy is enabled, autoplay preferences cannot be changed by the user. + +If this policy is disabled or not configured, the user can change autoplay preferences. + Allow Audio and Video + Block Audio + Block Audio and Video Customize Firefox Home If this policy is enabled, you can choose the sections displayed on Firefox Home and prevent the user from changing them. @@ -387,10 +473,50 @@ If this policy is disabled or not configured, the first run page is displayed.If this policy is enabled, you can specify a URL to be displayed after Firefox is updated. If you leave the URL blank, no upgrade page will be shown. If this policy is disabled or not configured, the upgrade is displayed. - Clear data when browser is closed + Clear data when browser is closed (Moved) If this policy is enabled, you can choose data to be cleared when Firefox is closed. If this policy is disabled or not configured, data is not cleared when the browser is closed. + Clear data when browser is closed + + Cache + If the policy is enabled, the cache is cleared when the browser is closed. + +If this policy is disabled or not configured, the cache is not cleared when the browser is closed. + Cookies + If the policy is enabled, cookies are cleared when the browser is closed. + +If this policy is disabled or not configured, cookies are not cleared when the browser is closed. + Download History + If the policy is enabled, download history is cleared when the browser is closed. + +If this policy is disabled or not configured, download history is not cleared when the browser is closed. + Form & Search History + If the policy is enabled, form data is cleared when the browser is closed. + +If this policy is disabled or not configured, form data is not cleared when the browser is closed. + Browsing History + If the policy is enabled, browsing history is cleared when the browser is closed. + +If this policy is disabled or not configured, browsing history is not cleared when the browser is closed. + Active Logins + If the policy is enabled, sessions cleared when the browser is closed. + +If this policy is disabled or not configured, sessions not cleared when the browser is closed. + Site Preferences + If the policy is enabled, site preferences are cleared when the browser is closed. + +If this policy is disabled or not configured, site preferences are not cleared when the browser is closed. + Offline Website Data + If the policy is enabled, offline application storage is cleared when the browser is closed. + +If this policy is disabled or not configured, offline application storage is not cleared when the browser is closed. + Locked + If this policy is disabled, all shutdown preferences can be changed by the user. + +If this policy is enabled, any shutdown preferences explicitly set via policy cannot be changed by the user. + +If this policy is not configured, no shutdown preferences can be changed by the user (previous behavior). Blocked websites If this policy is enabled, you can specify match patterns that indicate sites to be blocked. The match patterns are documented at https://developer.mozilla.org/en-US/Add-ons/WebExtensions/Match_patterns. Only http/https addresses are supported at the moment. There is a 1000 entry limit. @@ -503,12 +629,35 @@ If this policy is disabled or not configured, the default network settings are u Manual proxy configuration Auto-detect proxy settings Automatic proxy configuration - Tracking Protection + Tracking Protection (Moved) If this policy is not configured, tracking protection is not enabled by default in the browser but it is enabled by default in private browsing and the user can change it. If this policy is disabled, tracking protection is disabled and locked in both the browser and private browsing. If this policy is enabled, private browsing is enabled by default in both the browser and private browsing and you can choose whether or not to prevent the user from changing it. + Tracking Protection + Enabled + If this policy is enabled, tracking protection is enabled. + +If this policy is disabled, tracking protection is disabled and cannot be changed by the user. + +If this policy is not configured, standard tracking protection is used and the user can change it. + Cryptomining + If this policy is enabled, scripts that use cryptomining are blocked. + +If this policy is disabled or not configured, scripts that use cryptomining are not blocked. + Fingerprinting + If this policy is enabled, scripts that use fingerprinting are blocked. + +If this policy is disabled or not configured, scripts that use fingerprinting are not blocked. + Exceptions + If this policy is enabled, you can specify origins where tracking protection is not enabled. + +If this policy is disabled or not configured, tracking protection is enabled for all websites. + Do not allow tracking protection preferences to be changed + If this policy is enabled, tracking protection preferences cannot be changed by the user. + +If this policy is disabled or not configured, the user can change tracking protection preferences. Requested locale Requested locale (string) If this policy is enabled, you can specify a list of requested locales for the application in order of preference. It will cause the corresponding language pack to become active. @@ -568,6 +717,74 @@ If this policy is disabled or not configured, Firefox defaults to a maximum of T If this policy is enabled, a new menuitem is added to the help menu with support information. If this policy is disabled or not configured, no menuitem is added. + What's New + If this policy is disabled, the What's new icon and menuitem will not be displayed. + +If this policy is enabled or not configured, the What's New icon and menuitem will be displayed. + Extension Recommendations + If this policy is disabled, extensions will not be recommended as the user visits websites. + +If this policy is enabled or not configured, extensions will be recommended as the user visits websites. + Feature Recommendations + If this policy is disabled, Firefox features will not be recommended as the user uses Firefox. + +If this policy is enabled or not configured, Firefox features wil be recommended as the user uses Firefox. + Urlbar Interventions + If this policy is disabled, actions will not be recommended based on what the user types in the URL bar. + +If this policy is enabled or not configured, actions will be recommended based on what the user types in the URL bar. + TLS_DHE_RSA_WITH_AES_128_CBC_SHA + If this policy is disabled, the TLS_DHE_RSA_WITH_AES_128_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_DHE_RSA_WITH_AES_128_CBC_SHA cipher is enabled. + TLS_DHE_RSA_WITH_AES_256_CBC_SHA + If this policy is disabled, the TLS_DHE_RSA_WITH_AES_256_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_DHE_RSA_WITH_AES_256_CBC_SHA cipher is enabled. + TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA + If this policy is disabled, the TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA cipher is enabled. + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA + If this policy is disabled, the TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA cipher is enabled. + TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + If this policy is disabled, the TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipher is disabled. + +If this policy is enabled or not configured, the TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipher is enabled. + TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 + If this policy is disabled, the TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 cipher is disabled. + +If this policy is enabled or not configured, the TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 cipher is enabled. + TLS_RSA_WITH_AES_128_CBC_SHA + If this policy is disabled, the TLS_RSA_WITH_AES_128_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_RSA_WITH_AES_128_CBC_SHA cipher is enabled. + TLS_RSA_WITH_AES_256_CBC_SHA + If this policy is disabled, the TLS_RSA_WITH_AES_256_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_RSA_WITH_AES_256_CBC_SHA cipher is enabled. + TLS_RSA_WITH_3DES_EDE_CBC_SHA + If this policy is disabled, the TLS_RSA_WITH_3DES_EDE_CBC_SHA cipher is disabled. + +If this policy is enabled or not configured, the TLS_RSA_WITH_3DES_EDE_CBC_SHA cipher is enabled. + Enable Encrypted Media Extensions + If this policy is disabled, encrypted media extensions (like Widevine) are not downloaded by Firefox unless the user consents to installing them. + +If this policy is enabled or not configured, encrypted media extensions (like Widevine) are downloaded automatically and used by Firefox. + Lock Encrypted Media Extensions + If this policy is enabled and EncryptedMediaExtensions are disabled, Firefox will not download encrypted media extensions (like Widevine) or ask the user to install them. + +If this policy is not disabled or not configured, it has no effect. + Enable PDFjs + If this policy is disabled, the built-in PDF viewer is not used. + +If this policy is enabled or not configured, the built-in PDF viewer is used. + Enable Permissions + If this policy is enabled, the built-in PDF viewer will honor document permissions like preventing the copying of text. + +If this policy is not disabled or not configured, document permissions are ignored. If this policy is enabled, the preference is locked to true. If this policy is disabled, the preference is locked to false. For a description of the preference, see: @@ -608,16 +825,18 @@ https://github.com/mozilla/policy-templates/blob/master/README.md#preferences.browser.urlbar.suggest.openpage datareporting.policy.dataSubmissionPolicyBypassNotification dom.allow_scripts_to_close_windows - browser.dom.disable_window_flip + dom.disable_window_flip dom.disable_window_move_resize dom.event.contextmenu.enabled dom.keyboardevent.keypress.hack.dispatch_non_printable_keys.addl dom.keyboardevent.keypress.hack.use_legacy_keycode_and_charcode.addl + dom.xmldocument.load.enabled + dom.xmldocument.async.enabled extensions.blocklist.enabled geo.enabled extensions.getAddons.showPane intl.accept_languages - media.eme.enabled + media.eme.enabled (Deprecated) media.gmp-gmpopenh264.enabled media.gmp-widevinecdm.enabled network.dns.disableIPv6 @@ -628,6 +847,13 @@ https://github.com/mozilla/policy-templates/blob/master/README.md#preferences.security.ssl.errorReporting.enabled security.mixed_content.block_active_content ui.key.menuAccessKeyFocuses + browser.newtabpage.activity-stream.default.sites + extensions.htmlaboutaddons.recommendations.enabled + media.peerconnection.enabled + media.peerconnection.ice.obfuscate_host_addresses.whitelist + security.osclientcerts.autoload + security.tls.hello_downgrade_check + widget.content.gtk-theme-override @@ -673,6 +899,11 @@ https://github.com/mozilla/policy-templates/blob/master/README.md#preferences.Don't allow tracking protection preferences to be changed. Block cryptomining scripts. Block fingerprinting scripts. + Exceptions: + + + + @@ -840,6 +1071,20 @@ https://github.com/mozilla/policy-templates/blob/master/README.md#preferences. + + + + + + + + + + + + +