X-Git-Url: https://git.p6c8.net/policy-templates.git/blobdiff_plain/40df6bf1f001f38a3590ae9b62c5cf220ba602a6..cf5b67845fb2685494b7b68aedd1d43e4a31bc68:/docs/index.md
diff --git a/docs/index.md b/docs/index.md
index 4bc7410..1e8faf0 100644
--- a/docs/index.md
+++ b/docs/index.md
@@ -1,7 +1,6 @@
Firefox policies can be specified using the [Group Policy templates on Windows](https://github.com/mozilla/policy-templates/tree/master/windows), [Intune on Windows](https://support.mozilla.org/kb/managing-firefox-intune), [configuration profiles on macOS](https://github.com/mozilla/policy-templates/tree/master/mac), or by creating a file called `policies.json`. On Windows, create a directory called `distribution` where the EXE is located and place the file there. On Mac, the file goes into `Firefox.app/Contents/Resources/distribution`. On Linux, the file goes into `firefox/distribution`, where `firefox` is the installation directory for firefox, which varies by distribution or you can specify system-wide policy by placing the file in `/etc/firefox/policies`.
Unfortunately, JSON files do not support comments, but you can add extra entries to the JSON to use as comments. You will see an error in about:policies, but the policies will still work properly. For example:
-
```
{
"policies": {
@@ -12,6 +11,7 @@ Unfortunately, JSON files do not support comments, but you can add extra entries
}
}
```
+Note: The `policies.json` must use the UTF-8 encoding.
| Policy Name | Description
| --- | --- |
@@ -80,6 +80,8 @@ Unfortunately, JSON files do not support comments, but you can add extra entries
| **[`Handlers`](#handlers)** | Configure default application handlers.
| **[`HardwareAcceleration`](#hardwareacceleration)** | Control hardware acceleration.
| **[`Homepage`](#homepage)** | Configure the default homepage and how Firefox starts.
+| **[`HttpAllowlist`](#httpallowlist)** | Configure origins that will not be upgraded to HTTPS.
+| **[`HttpsOnlyMode`](#httpsonlymode)** | Configure HTTPS-Only Mode.
| **[`InstallAddonsPermission`](#installaddonspermission)** | Configure the default extension install policy as well as origins for extension installs are allowed.
| **[`LegacyProfiles`](#legacyprofiles)** | Disable the feature enforcing a separate profile for each installation.
| **[`LegacySameSiteCookieBehaviorEnabled`](#legacysamesitecookiebehaviorenabled)** | Enable default legacy SameSite cookie behavior setting.
@@ -666,6 +668,18 @@ Value (string):
}
]'/>
```
+If you are using custom ADMX and ADML administrative templates in Intune, you can use this OMA-URI instead
+to workaround the limit on the length of strings. Put all of your JSON on one line.
+
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Extensions/AutoLaunchProtocolsFromOriginsOneLine
+```
+Value (string):
+```
+
+
+```
#### macOS
```
@@ -932,6 +946,18 @@ Value (string):
```
+If you are using custom ADMX and ADML administrative templates in Intune, you can use this OMA-URI instead
+to workaround the limit on the length of strings. Put all of your JSON on one line.
+
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Extensions/BookmarksOneLine
+```
+Value (string):
+```
+
+
+```
#### macOS
```
@@ -1165,6 +1191,18 @@ Value (string):
}
'/>
```
+If you are using custom ADMX and ADML administrative templates in Intune, you can use this OMA-URI instead
+to workaround the limit on the length of strings. Put all of your JSON on one line.
+
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Extensions/ContainersOneLine
+```
+Value (string):
+```
+
+
+```
#### macOS
```
@@ -2750,6 +2788,18 @@ Value (string):
]
'/>
```
+If you are using custom ADMX and ADML administrative templates in Intune, you can use this OMA-URI instead
+to workaround the limit on the length of strings. Put all of your JSON on one line.
+
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Extensions/ExemptDomainFileTypePairsFromFileTypeDownloadWarningsOneLine
+```
+Value (string):
+```
+
+
+```
#### macOS
```
@@ -2937,6 +2987,18 @@ Value (string):
}
}'/>
```
+If you are using custom ADMX and ADML administrative templates in Intune, you can use this OMA-URI instead
+to workaround the limit on the length of strings. Put all of your JSON on one line.
+
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Extensions/ExtensionSettingsOneLine
+```
+Value (string):
+```
+
+
+```
#### macOS
```
@@ -3320,6 +3382,18 @@ Value (string):
}
'/>
```
+If you are using custom ADMX and ADML administrative templates in Intune, you can use this OMA-URI instead
+to workaround the limit on the length of strings. Put all of your JSON on one line.
+
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Extensions/HandlersOneLine
+```
+Value (string):
+```
+
+
+```
#### macOS
```
@@ -3536,6 +3610,92 @@ Value (string):
}
}
```
+### HttpAllowlist
+Configure sites that will not be upgraded to HTTPS.
+
+The sites are specified as a list of origins.
+
+**Compatibility:** Firefox 127\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** N/A
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\HttpAllowlist\1 = "http://example.org"
+Software\Policies\Mozilla\Firefox\HttpAllowlist\2 = "http://example.edu"
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/HttpAllowlist
+```
+Value (string):
+```
+
+
+```
+#### macOS
+```
+
+ HttpAllowlist
+
+ http://example.org
+ http://example.edu
+
+
+```
+#### policies.json
+```
+{
+ "policies": {
+ "HttpAllowlist ": ["http://example.org",
+ "http://example.edu"]
+ }
+}
+```
+### HttpsOnlyMode
+Configure HTTPS-Only Mode.
+
+| Value | Description
+| --- | --- |
+| allowed | HTTPS-Only Mode is off by default, but the user can turn it on.
+| disallowed | HTTPS-Only Mode is off and the user can't turn it on.
+| enabled | HTTPS-Only Mode is on by default, but the user can turn it off.
+| force_enabled | HTTPS-Only Mode is on and the user can't turn it off.
+
+**Compatibility:** Firefox 127\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `dom.security.https_only_mode`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\HttpsOnlyMode = "allowed", "disallowed", "enabled", "force_enabled"
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/HttpsOnlyMode
+```
+Value (string):
+```
+
+
+```
+#### macOS
+```
+
+ HttpsOnlyMode
+ allowed | disallowed | enabled | force_enabled
+
+```
+#### policies.json
+```
+{
+ "policies": {
+ "HttpsOnlyMode": "allowed" | "disallowed" | "enabled" | "force_enabled"
+ }
+}
+```
### InstallAddonsPermission
Configure the default extension install policy as well as origins for extension installs are allowed. This policy does not override turning off all extension installs.
@@ -3838,6 +3998,18 @@ Value (string):
}
]'/>
```
+If you are using custom ADMX and ADML administrative templates in Intune, you can use this OMA-URI instead
+to workaround the limit on the length of strings. Put all of your JSON on one line.
+
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Extensions/ManagedBoomarksOneLine
+```
+Value (string):
+```
+
+
+```
#### macOS
```
@@ -4273,7 +4445,6 @@ Value (string):
}
}
```
-
### PDFjs
Disable or configure PDF.js, the built-in PDF viewer.
@@ -4915,6 +5086,18 @@ Value (string):
}
}'/>
```
+If you are using custom ADMX and ADML administrative templates in Intune, you can use this OMA-URI instead
+to workaround the limit on the length of strings. Put all of your JSON on one line.
+
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Extensions/PreferencesOneLine
+```
+Value (string):
+```
+
+
+```
#### macOS
```
@@ -6327,6 +6510,18 @@ Value (string):
```
+If you are using custom ADMX and ADML administrative templates in Intune, you can use this OMA-URI instead
+to workaround the limit on the length of strings. Put all of your JSON on one line.
+
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Extensions/WebsiteFilterOneLine
+```
+Value (string):
+```
+
+
+```
#### macOS
```