X-Git-Url: https://git.p6c8.net/policy-templates.git/blobdiff_plain/428b3581716915e3ce519cbe8206ea1c482879b1..9cc250613f8038e7ce99f720bf8fb7799d9a28f8:/docs/index.md?ds=inline diff --git a/docs/index.md b/docs/index.md index bf8480e..1befebd 100644 --- a/docs/index.md +++ b/docs/index.md @@ -90,6 +90,7 @@ Note: The `policies.json` must use the UTF-8 encoding. | **[`LocalFileLinks`](#localfilelinks)** | Enable linking to local files by origin. | **[`ManagedBookmarks`](#managedbookmarks)** | Configures a list of bookmarks managed by an administrator that cannot be changed by the user. | **[`ManualAppUpdateOnly`](#manualappupdateonly)** | Allow manual updates only and do not notify the user about updates. +| **[`MicrosoftEntraSSO`](#microsoftentrasso)** | Allow single sign-on for Microsoft Entra accounts on macOS. | **[`NetworkPrediction`](#networkprediction)** | Enable or disable network prediction (DNS prefetching). | **[`NewTabPage`](#newtabpage)** | Enable or disable the New Tab page. | **[`NoDefaultBookmarks`](#nodefaultbookmarks)** | Disable the creation of default bookmarks. @@ -333,7 +334,7 @@ OMA-URI: Value (string): ``` - + ``` #### macOS ``` @@ -1271,7 +1272,7 @@ Configure Firefox to use an agent for Data Loss Prevention (DLP) that is compati `ShowBlockedResult` indicates whether Firefox should show a notification when a DLP request is denied. The default is true. -**Compatibility:** Firefox 130\ +**Compatibility:** Firefox 132\ **CCK2 Equivalent:** N/A\ **Preferences Affected:** `browser.contentanalysis.agent_name`, `browser.contentanalysis.agent_timeout`, `browser.contentanalysis.allow_url_regex_list`, `browser.contentanalysis.bypass_for_same_tab_operations`, `browser.contentanalysis.client_signature`, `browser.contentanalysis.default_result`, `browser.contentanalysis.deny_url_regex_list`, `browser.contentanalysis.enabled`, `browser.contentanalysis.is_per_user`, `browser.contentanalysis.pipe_path_name`, `browser.contentanalysis.show_blocked_result` @@ -3092,6 +3093,9 @@ This policy maps an extension ID to its configuration. With an extension ID, the To obtain an extension ID, install the extension and go to about:support. You will see the ID in the Extensions section. I've also created an extension that makes it easy to find the ID of extensions on AMO. You can download it [here](https://github.com/mkaply/queryamoid/releases/tag/v0.1). Or you can ask the Mozilla Addons API, see [docs](https://mozilla.github.io/addons-server/topics/api/addons.html#detail), which returns the ID as `guid`: https://addons.mozilla.org/api/v5/addons/addon/ublock-origin/ +**Note:** +If the extension ID is a UUID ({12345678-1234-1234-1234-1234567890ab}), you must include the curly braces around the ID. + The configuration for each extension is another dictionary that can contain the fields documented below. | Name | Description | @@ -4311,6 +4315,30 @@ Value (string): } } ``` +### MicrosoftEntraSSO +Allow single sign-on for Microsoft Entra accounts on macOS. + +If this policy is set to true, Firefox will use credentials stored in the Company Portal to sign in to Microsoft Entra accounts. + +**Compatibility:** Firefox 132.0.1, Firefox ESR 128.5\ +**CCK2 Equivalent:** N/A\ +**Preferences Affected:** `network.http.microsoft-entra-sso.enabled` + +#### macOS +``` + + MicrosoftEntraSSO + | + +``` +#### policies.json +``` +{ + "policies": { + "MicrosoftEntraSSO": true | false + } +} +``` ### NetworkPrediction Enable or disable network prediction (DNS prefetching). @@ -5275,9 +5303,9 @@ as well as the following security preferences: | security.mixed_content.block_active_content | boolean | true |     If set to true, mixed active content (HTTP subresources such as scripts, fetch requests, etc. on a HTTPS page) will be blocked. | security.mixed_content.block_display_content | boolean | false -|     If set to true, mixed passive/display content (HTTP subresources such as images, videos, etc. on a HTTPS page) will be blocked. (Firefox 127, Firefox ESR 128.0) +|     If set to true, mixed passive/display content (HTTP subresources such as images, videos, etc. on a HTTPS page) will be blocked and ```security.mixed_content.upgrade_display_content``` will be ignored. (Firefox 127, Firefox ESR 128.0) | security.mixed_content.upgrade_display_content | boolean | true -|     If set to true, mixed passive/display content (HTTP subresources such as images, videos, etc. on a HTTPS page) will be upgraded to HTTPS. (Firefox 127, Firefox ESR 128.0) +|     If set to false, mixed passive/display content (HTTP subresources such as images, videos, etc. on a HTTPS page) will NOT be upgraded to HTTPS. (Firefox 127, Firefox ESR 128.0) | security.osclientcerts.autoload | boolean | false |     If true, client certificates are loaded from the operating system certificate store. | security.OCSP.enabled | integer | 1 @@ -5516,7 +5544,9 @@ Possible values are `0` (Private Browsing mode is available), `1` (Private Brows This policy supersedes [`DisablePrivateBrowsing`](#disableprivatebrowsing) -**Compatibility:** Firefox 130\ +Note: This policy missed Firefox ESR 128.2, but it will be in Firefox ESR 128.3. + +**Compatibility:** Firefox 130, Firefox ESR 128.3\ **CCK2 Equivalent:** N/A\ **Preferences Affected:** N/A @@ -5879,7 +5909,7 @@ Note: Starting with Firefox 128, History clears FormData and Downloads as well. `SiteSettings` Site Preferences -`OfflineApps` Offline Website Data. +`OfflineApps` Offline Website Data (*Deprecated - part of Cookies*) `Locked` prevents the user from changing these preferences. @@ -5891,12 +5921,9 @@ Note: Starting with Firefox 128, History clears FormData and Downloads as well. ``` Software\Policies\Mozilla\Firefox\SanitizeOnShutdown\Cache = 0x1 | 0x0 Software\Policies\Mozilla\Firefox\SanitizeOnShutdown\Cookies = 0x1 | 0x0 -Software\Policies\Mozilla\Firefox\SanitizeOnShutdown\Downloads = 0x1 | 0x0 -Software\Policies\Mozilla\Firefox\SanitizeOnShutdown\FormData = 0x1 | 0x0 Software\Policies\Mozilla\Firefox\SanitizeOnShutdown\History = 0x1 | 0x0 Software\Policies\Mozilla\Firefox\SanitizeOnShutdown\Sessions = 0x1 | 0x0 Software\Policies\Mozilla\Firefox\SanitizeOnShutdown\SiteSettings = 0x1 | 0x0 -Software\Policies\Mozilla\Firefox\SanitizeOnShutdown\OfflineApps = 0x1 | 0x0 Software\Policies\Mozilla\Firefox\SanitizeOnShutdown\Locked = 0x1 | 0x0 ``` #### Windows (Intune) @@ -5918,22 +5945,6 @@ Value (string): ``` OMA-URI: ``` -./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~SanitizeOnShutdown/C_SanitizeOnShutdown_Downloads -``` -Value (string): -``` - or -``` -OMA-URI: -``` -./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~SanitizeOnShutdown/D_SanitizeOnShutdown_FormData -``` -Value (string): -``` - or -``` -OMA-URI: -``` ./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~SanitizeOnShutdown/E_SanitizeOnShutdown_History ``` Value (string): @@ -5958,14 +5969,6 @@ Value (string): ``` OMA-URI: ``` -./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~SanitizeOnShutdown/H_SanitizeOnShutdown_OfflineApps -``` -Value (string): -``` - or -``` -OMA-URI: -``` ./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~SanitizeOnShutdown/I_SanitizeOnShutdown_Locked ``` Value (string): @@ -5981,18 +5984,12 @@ Value (string): | Cookies | - Downloads - | - FormData - | History | Sessions | SiteSettings | - OfflineApps - | Locked | @@ -6005,12 +6002,9 @@ Value (string): "SanitizeOnShutdown": { "Cache": true | false, "Cookies": true | false, - "Downloads": true | false, - "FormData": true | false, "History": true | false, "Sessions": true | false, "SiteSettings": true | false, - "OfflineApps": true | false, "Locked": true | false } } @@ -6717,11 +6711,13 @@ Prevent Firefox from messaging the user in certain situations. `MoreFromMozilla` If false, don't show the "More from Mozilla" section in Preferences. (Firefox 98) +`FirefoxLabs` If false, don't show the "Firefox Labs" section in Preferences. (Firefox 130.0.1) + `Locked` prevents the user from changing user messaging preferences. **Compatibility:** Firefox 75, Firefox ESR 68.7\ **CCK2 Equivalent:** N/A\ -**Preferences Affected:** `browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons`, `browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features`, `browser.aboutwelcome.enabled`, `browser.preferences.moreFromMozilla` +**Preferences Affected:** `browser.newtabpage.activity-stream.asrouter.userprefs.cfr.addons`, `browser.newtabpage.activity-stream.asrouter.userprefs.cfr.features`, `browser.aboutwelcome.enabled`, `browser.preferences.moreFromMozilla`, `browser.preferences.experimental` #### Windows (GPO) ``` @@ -6730,6 +6726,7 @@ Software\Policies\Mozilla\Firefox\UserMessaging\FeatureRecommendations = 0x1 | 0 Software\Policies\Mozilla\Firefox\UserMessaging\UrlbarInterventions = 0x1 | 0x0 Software\Policies\Mozilla\Firefox\UserMessaging\SkipOnboarding = 0x1 | 0x0 Software\Policies\Mozilla\Firefox\UserMessaging\MoreFromMozilla = 0x1 | 0x0 +Software\Policies\Mozilla\Firefox\UserMessaging\FirefoxLabs = 0x1 | 0x0 Software\Policies\Mozilla\Firefox\UserMessaging\Locked = 0x1 | 0x0 ``` #### Windows (Intune) @@ -6740,6 +6737,7 @@ OMA-URI: ./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~UserMessaging/UserMessaging_UrlbarInterventions ./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~UserMessaging/UserMessaging_SkipOnboarding ./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~UserMessaging/UserMessaging_MoreFromMozilla +./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~UserMessaging/UserMessaging_FirefoxLabs ./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~UserMessaging/UserMessaging_Locked ``` Value (string): @@ -6761,6 +6759,8 @@ Value (string): | MoreFromMozilla | + FirefoxLabs + | Locked | @@ -6776,6 +6776,7 @@ Value (string): "UrlbarInterventions": true | false, "SkipOnboarding": true | false, "MoreFromMozilla": true | false, + "FirefoxLabs": true | false, "Locked": true | false } }