X-Git-Url: https://git.p6c8.net/policy-templates.git/blobdiff_plain/58e224c806e4040f3f87f2eadd11d41e51645429..fb04b6bdbc3cf7f2f840af084979d9574c3ca5fb:/docs/index.md
diff --git a/docs/index.md b/docs/index.md
index d0840a8..a1d1ba8 100644
--- a/docs/index.md
+++ b/docs/index.md
@@ -71,6 +71,7 @@ Unfortunately, JSON files do not support comments, but you can add extra entries
| **[`ExtensionSettings`](#extensionsettings)** | Manage all aspects of extensions.
| **[`ExtensionUpdate`](#extensionupdate)** | Control extension updates.
| **[`FirefoxHome`](#firefoxhome)** | Customize the Firefox Home page.
+| **[`FirefoxSuggest`](#firefoxsuggest)** | Customize Firefox Suggest.
| **[`GoToIntranetSiteForSingleWordEntryInAddressBar`](#gotointranetsiteforsinglewordentryinaddressbar)** | Force direct intranet site navigation instead of searching when typing single word entries in the address bar.
| **[`Handlers`](#handlers)** | Configure default application handlers.
| **[`HardwareAcceleration`](#hardwareacceleration)** | Control hardware acceleration.
@@ -2968,6 +2969,82 @@ Value (string):
}
}
```
+### FirefoxSuggest
+Customize Firefox Suggest (US only).
+
+**Compatibility:** Firefox 118, Firefox ESR 115.3.
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `browser.urlbar.suggest.quicksuggest.nonsponsored`, `browser.urlbar.suggest.quicksuggest.sponsored`, `browser.urlbar.quicksuggest.dataCollection.enabled`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\FirefoxHome\WebSuggestions = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\FirefoxHome\SponsoredSuggestions = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\FirefoxHome\ImproveSuggest = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\FirefoxHome\Locked = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~FirefoxSuggest/WebSuggestions
+```
+Value (string):
+```
+ or
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~FirefoxSuggest/SponsoredSuggestions
+```
+Value (string):
+```
+ or
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~FirefoxSuggest/ImproveSuggest
+```
+Value (string):
+```
+ or
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~FirefoxSuggest/Locked
+```
+Value (string):
+```
+ or
+```
+#### macOS
+```
+
+ FirefoxHome
+
+ WebSuggestions
+ |
+ SponsoredSuggestions
+ |
+ ImproveSuggest
+ |
+ Locked
+ |
+
+
+```
+#### policies.json
+```
+{
+ "policies": {
+ "FirefoxHome": {
+ "WebSuggestions": true | false,
+ "SponsoredSuggestions": true | false,
+ "ImproveSuggest": true | false,
+ "Locked": true | false
+ }
+ }
+}
+```
### GoToIntranetSiteForSingleWordEntryInAddressBar
Whether to always go through the DNS server before sending a single word search string to a search engine.
@@ -4525,6 +4602,7 @@ toolkit.legacyUserProfileCustomizations.stylesheets (Firefox 95, Firefox ESR 91.
ui.
widget.
xpinstall.signatures.required (Firefox ESR 102.10, Firefox ESR only)
+xpinstall.whitelist.required (Firefox 118, Firefox ESR 115.3)
```
as well as the following security preferences:
@@ -4541,21 +4619,23 @@ as well as the following security preferences:
| security.osclientcerts.autoload | boolean | false
| If true, client certificates are loaded from the operating system certificate store.
| security.OCSP.enabled | integer | 1
-| If 0, do not fetch OCSP. If 1, fetch OCSP for DV and EV certificates. If 2, fetch OCSP only for EV certificates
+| If 0, do not fetch OCSP. If 1, fetch OCSP for DV and EV certificates. If 2, fetch OCSP only for EV certificates.
| security.OCSP.require | boolean | false
| If true, if an OCSP request times out, the connection fails.
| security.osclientcerts.assume_rsa_pss_support | boolean | true
-| If false, we don't assume an RSA key can do RSA-PSS (Firefox 114, Firefox ESR 102.12).
+| If false, we don't assume an RSA key can do RSA-PSS. (Firefox 114, Firefox ESR 102.12)
| security.ssl.enable_ocsp_stapling | boolean | true
| If false, OCSP stapling is not enabled.
| security.ssl.errorReporting.enabled | boolean | true
| If false, SSL errors cannot be sent to Mozilla.
+| security.ssl.require_safe_negotiation | boolean | false
+| If true, Firefox will only negotiate TLS connections with servers that indicate they support secure renegotiation. (Firefox 118, Firefox ESR 115.3)
| security.tls.enable_0rtt_data | boolean | true
-| If false, TLS early data is turned off (Firefox 93, Firefox 91.2, Firefox 78.15).
+| If false, TLS early data is turned off. (Firefox 93, Firefox 91.2, Firefox 78.15)
| security.tls.hello_downgrade_check | boolean | true
| If false, the TLS 1.3 downgrade check is disabled.
| security.tls.version.enable-deprecated | boolean | false
-| If true, browser will accept TLS 1.0. and TLS 1.1 (Firefox 86, Firefox 78.8).
+| If true, browser will accept TLS 1.0. and TLS 1.1. (Firefox 86, Firefox 78.8)
| security.warn_submit_secure_to_insecure | boolean | true
| If false, no warning is shown when submitting a form from https to http.
@@ -4785,7 +4865,7 @@ Unless you lock this policy, changes the user already has in place will take eff
```
Software\Policies\Mozilla\Firefox\Proxy\Mode = "none" | "system" | "manual" | "autoDetect" | "autoConfig"
Software\Policies\Mozilla\Firefox\Proxy\Locked = 0x1 | 0x0
-Software\Policies\Mozilla\Firefox\=Proxy\HTTPProxy = https://httpproxy.example.com
+Software\Policies\Mozilla\Firefox\Proxy\HTTPProxy = https://httpproxy.example.com
Software\Policies\Mozilla\Firefox\Proxy\UseHTTPProxyForAllProtocols = 0x1 | 0x0
Software\Policies\Mozilla\Firefox\Proxy\SSLProxy = https://sslproxy.example.com
Software\Policies\Mozilla\Firefox\Proxy\FTPProxy = https://ftpproxy.example.com
@@ -5647,7 +5727,7 @@ Value (string):
```
### SSLVersionMax
-Set and lock the maximum version of TLS.
+Set and lock the maximum version of TLS. (Firefox defaults to a maximum of TLS 1.3.)
**Compatibility:** Firefox 66, Firefox ESR 60.6\
**CCK2 Equivalent:** N/A\
@@ -5685,7 +5765,7 @@ Value (string):
```
### SSLVersionMin
-Set and lock the minimum version of TLS.
+Set and lock the minimum version of TLS. (Firefox defaults to a minimum of TLS 1.2.)
**Compatibility:** Firefox 66, Firefox ESR 60.6\
**CCK2 Equivalent:** N/A\