X-Git-Url: https://git.p6c8.net/policy-templates.git/blobdiff_plain/4c206678d5157877b9a73654e7fdbfcf11cd42ea..cd4fe4aa8f2a235878b2cebd551962845366fa9a:/README.md diff --git a/README.md b/README.md index 9fbfc36..d9b391c 100644 --- a/README.md +++ b/README.md @@ -76,7 +76,7 @@ Policies can be specified using the [Group Policy templates on Windows](https:// | **[`PictureInPicture`](#pictureinpicture)** | Enable or disable Picture-in-Picture. | **[`PopupBlocking`](#popupblocking)** | Configure the default pop-up window policy as well as origins for which pop-up windows are allowed. | **[`Preferences`](#preferences)** | Set and lock preferences. -| **[`Preferences (Deprecated)`](#preferences--deprecated)** | Set and lock some preferences. +| **[`Preferences (Deprecated)`](#preferences-deprecated)** | Set and lock some preferences. | **[`PromptForDownloadLocation`](#promptfordownloadlocation)** | Ask where to save each file before downloading. | **[`Proxy`](#proxy)** | Configure proxy settings. | **[`RequestedLocales`](#requestedlocales)** | Set the the list of requested locales for the application in order of preference. @@ -1592,7 +1592,7 @@ Value (string): InvalidCertificate | - + SafeBrowsing | @@ -2071,11 +2071,11 @@ Value (string): Value | - + Locked | - + Cryptomining | - + Fingerprinting | Exceptions @@ -2130,7 +2130,7 @@ Value (string): Enabled | - + Locked | @@ -3343,7 +3343,7 @@ Value (string): Enabled | - + EnablePermissions | @@ -3359,7 +3359,7 @@ Value (string): } ``` ### Permissions -Set permissions associated with camera, microphone, location, notifications, autoplay, and virtual reality. Because these are origins, not domains, entries with unique ports must be specified separately. See examples below. +Set permissions associated with camera, microphone, location, notifications, autoplay, and virtual reality. Because these are origins, not domains, entries with unique ports must be specified separately. This explicitly means that it is not possible to add wildcards. See examples below. `Allow` is a list of origins where the feature is allowed. @@ -3772,24 +3772,38 @@ ui. widget. ``` as well as the following security preferences: -``` -security.default_personal_cert -security.insecure_connection_text.enabled -security.insecure_connection_text.pbmode.enabled -security.insecure_field_warning.contextual.enabled -security.mixed_content.block_active_content -security.osclientcerts.autoload -security.ssl.errorReporting.enabled -security.tls.hello_downgrade_check -security.warn_submit_secure_to_insecure -``` +| Preference | Type | Default +| --- | --- | --- +| security.default_personal_cert | string | Ask Every Time +|     If set to Select Automatically, Firefox automatically chooses the default personal certificate. +| security.insecure_connection_text.enabled | bool | false +|     If set to true, adds the words "Not Secure" for insecure sites. +| security.insecure_connection_text.pbmode.enabled | bool | false +|     If set to true, adds the words "Not Secure" for insecure sites in private browsing. +| security.insecure_field_warning.contextual.enabled | bool | true +|     If set to false, remove the warning for inscure login fields. +| security.mixed_content.block_active_content | boolean | true +|     If false, mixed active content (HTTP and HTTPS) is not blocked. +| security.osclientcerts.autoload | boolean | false +|     If true, client certificates are loaded from the operating system certificate store. +| security.ssl.errorReporting.enabled | boolean | true +|     If false, SSL errors cannot be sent to Mozilla. +| security.tls.hello_downgrade_check | boolean | true +|     If false, the TLS 1.3 downgrade check is disabled. +| security.warn_submit_secure_to_insecure | boolean | true +|     If false, no warning is shown when submitting s form from https to http. + Using the preference as the key, set the `Value` to the corresponding preference value. `Status` can be "default", "locked", "user" or "clear" +Default preferences can be modified by the user. + If a value is locked, it is also set as the default. -User preferences persist across invocations of Firefox. +User preferences persist across invocations of Firefox. It is the equivalent of a user setting the preference. They are most useful when a preference is needed very early in startup so it can't be set as default by policy. + +User preferences persist even if the policy is removed, so if you need to remove them, you should use the clear policy. See the examples below for more detail.