X-Git-Url: https://git.p6c8.net/policy-templates.git/blobdiff_plain/697516d511c39940a6482f39e6b0d082cf872239..1c7b1612b68d32623da130e04cf4db8b45c27ed8:/windows/en-US/firefox.adml diff --git a/windows/en-US/firefox.adml b/windows/en-US/firefox.adml index 26b31c4..00817de 100644 --- a/windows/en-US/firefox.adml +++ b/windows/en-US/firefox.adml @@ -1,5 +1,5 @@ - + @@ -29,6 +29,17 @@ Firefox 77 or later, Firefox 68.9 ESR or later Firefox 77 or later Firefox 78 or later + Firefox 79 or later, Firefox 78.1 ESR or later + Firefox 80 or later, Firefox 78.2 ESR or later + Firefox 81 or later, Firefox 78.3 ESR or later + Firefox 82 or later, Firefox 78.4 ESR or later + Firefox 83 or later, Firefox 78.5 ESR or later + Firefox 84 or later, Firefox 78.6 ESR or later + Firefox 85 or later, Firefox 78.7 ESR or later + Firefox 86 or later, Firefox 78.8 ESR or later + Firefox 88 or later, Firefox 78.10 ESR or later + Firefox 89 or later, Firefox 78.11 ESR or later + Firefox 90 or later, Firefox 78.12 ESR or later Firefox Permissions Camera @@ -36,6 +47,7 @@ Location Notifications Autoplay + Virtual Reality Authentication Bookmarks Certificates @@ -46,11 +58,14 @@ Flash Home page Search - Preferences + Preferences (Deprecated) User Messaging Disabled Ciphers Encrypted Media Extensions + PDFjs + Picture-in-Picture Allowed Sites + Allowed Sites (Session Only) Blocked Sites Application Autoupdate If this policy is enabled, Firefox is automatically updated without user approval. @@ -170,7 +185,7 @@ If this policy is disabled or not configured, the browser receives updates.If this policy is enabled, PDF files are not viewed within Firefox. If this policy is disabled or not configured, PDF files are viewed within Firefox. - Disable the default browser agent. + Disable the default browser agent If this policy is enabled, the default browser agent is disabled. If this policy is disabled or not configured, the default browser agent is enabled. @@ -325,7 +340,7 @@ In either case, the user will be able to change the value (it is not locked).If this policy is enabled, pop-up windows are always allowed for the origins indicated. If a top level domain is specified (http://example.org), pop-up windows are allowed for all subdomains as well. If this policy is disabled or not configured, the default pop-up policy is followed. - Allow pop-ups from websites + Block pop-ups from websites If this policy is disabled, pop-up windows are allowed from websites by default. If this policy is not configured or enabled, popups are not allowed from websites. @@ -342,6 +357,9 @@ If this policy is disabled or not configured, the default add-on policy is follo If this policy is not configured or enabled, add-ons can be installed. If this policy is enabled, cookies are always allowed for the origins indicated. If a top level domain is specified (http://example.org), cookies are allowed for all subdomains as well. +If this policy is disabled or not configured, the default cookie policy is followed. + If this policy is enabled, cookies are allowed for the origins indicated, but removed at the end of the session. If a top level domain is specified (http://example.org), cookies are allowed for all subdomains as well. + If this policy is disabled or not configured, the default cookie policy is followed. If this policy is enabled, cookies are blocked for the origins indicated. If a top level domain is specified (http://example.org), cookies are blocked from all subdomains as well. @@ -444,6 +462,20 @@ If this policy is disabled or not configured, the user can change autoplay prefe Allow Audio and Video Block Audio Block Audio and Video + If this policy is enabled, access to virtual reality devices is always allowed for the origins indicated. + +If this policy is disabled or not configured, the default virtual reality policy is followed. + If this policy is enabled, access to virtual reality devices is blocked for the origins indicated. + +If this policy is disabled or not configured, access to virtual reality devices is not blocked by default. + Block new requests asking to access virtual reality devices. + If this policy is enabled, sites that are not in the Allow policy will not be allowed to ask permission to access virtual reality devices. + +If this policy is disabled or not configured, any site that is not in the Block policy can ask permission to virtual reality devices. + Do not allow preferences to be changed + If this policy is enabled, virtual reality preferences cannot be changed by the user. + +If this policy is disabled or not configured, the user can change their virtual reality preferences. Customize Firefox Home If this policy is enabled, you can choose the sections displayed on Firefox Home and prevent the user from changing them. @@ -467,6 +499,8 @@ If this policy is disabled or not configured, the user can change their Flash pr Override the first run page If this policy is enabled, you can specify a URL to be used as the first run page. If you leave the URL blank, no first run page will be shown. +Starting with Firefox 83, Firefox ESR 78.5, you can also specify multiple URLS separated by a vertical bar (|). + If this policy is disabled or not configured, the first run page is displayed. Override the upgrade page If this policy is enabled, you can specify a URL to be displayed after Firefox is updated. If you leave the URL blank, no upgrade page will be shown. @@ -517,11 +551,11 @@ If this policy is enabled, any shutdown preferences explicitly set via policy ca If this policy is not configured, no shutdown preferences can be changed by the user (previous behavior). Blocked websites - If this policy is enabled, you can specify match patterns that indicate sites to be blocked. The match patterns are documented at https://developer.mozilla.org/en-US/Add-ons/WebExtensions/Match_patterns. Only http/https addresses are supported at the moment. There is a 1000 entry limit. + If this policy is enabled, you can specify match patterns that indicate sites to be blocked. The match patterns are documented at https://developer.mozilla.org/en-US/Add-ons/WebExtensions/Match_patterns. There is a 1000 entry limit. If this policy is disabled or not configured, no websites are blocked. Exceptions to blocked websites - If this policy is enabled, and the website filter is enabled, you can specify match patterns for sites you do not want to block. The match patterns are documented at https://developer.mozilla.org/en-US/Add-ons/WebExtensions/Match_patterns. Only http/https addresses are supported at the moment. There is a 1000 entry limit. + If this policy is enabled, and the website filter is enabled, you can specify match patterns for sites you do not want to block. The match patterns are documented at https://developer.mozilla.org/en-US/Add-ons/WebExtensions/Match_patterns. There is a 1000 entry limit. If this policy is disabled or not configured, there are no exceptions to the website filter. Bookmark 01 @@ -600,6 +634,13 @@ If this policy is disabled or not configured, the start page defaults to the pre None Homepage Previous Session + Homepage (Locked) + Show Home button on toolbar + If this policy is enabled, the home button will appear on the toolbar by default. + +If this policy is disabled, the home button will not appear on the toolbar by default. + +If this policy is not configured, Firefox will determine whether or not the home button appears on the toolbar by default. Password Manager If this policy is disabled, the password manager is not available via preferences. @@ -727,47 +768,31 @@ If this policy is enabled or not configured, extensions will be recommended as t Feature Recommendations If this policy is disabled, Firefox features will not be recommended as the user uses Firefox. -If this policy is enabled or not configured, Firefox features wil be recommended as the user uses Firefox. +If this policy is enabled or not configured, Firefox features will be recommended as the user uses Firefox. Urlbar Interventions If this policy is disabled, actions will not be recommended based on what the user types in the URL bar. If this policy is enabled or not configured, actions will be recommended based on what the user types in the URL bar. - TLS_DHE_RSA_WITH_AES_128_CBC_SHA - If this policy is disabled, the TLS_DHE_RSA_WITH_AES_128_CBC_SHA cipher is disabled. + Skip Onboarding + If this policy is enabled, onboarding messages will not be shown on the new tab page. -If this policy is enabled or not configured, the TLS_DHE_RSA_WITH_AES_128_CBC_SHA cipher is enabled. +If this policy is disabled or not configured, onboarding messages will be shown on the new tab page. + TLS_DHE_RSA_WITH_AES_128_CBC_SHA TLS_DHE_RSA_WITH_AES_256_CBC_SHA - If this policy is disabled, the TLS_DHE_RSA_WITH_AES_256_CBC_SHA cipher is disabled. - -If this policy is enabled or not configured, the TLS_DHE_RSA_WITH_AES_256_CBC_SHA cipher is enabled. TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - If this policy is disabled, the TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA cipher is disabled. - -If this policy is enabled or not configured, the TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA cipher is enabled. TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - If this policy is disabled, the TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA cipher is disabled. - -If this policy is enabled or not configured, the TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA cipher is enabled. TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - If this policy is disabled, the TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipher is disabled. - -If this policy is enabled or not configured, the TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 cipher is enabled. TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - If this policy is disabled, the TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 cipher is disabled. - -If this policy is enabled or not configured, the TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 cipher is enabled. TLS_RSA_WITH_AES_128_CBC_SHA - If this policy is disabled, the TLS_RSA_WITH_AES_128_CBC_SHA cipher is disabled. - -If this policy is enabled or not configured, the TLS_RSA_WITH_AES_128_CBC_SHA cipher is enabled. TLS_RSA_WITH_AES_256_CBC_SHA - If this policy is disabled, the TLS_RSA_WITH_AES_256_CBC_SHA cipher is disabled. - -If this policy is enabled or not configured, the TLS_RSA_WITH_AES_256_CBC_SHA cipher is enabled. TLS_RSA_WITH_3DES_EDE_CBC_SHA - If this policy is disabled, the TLS_RSA_WITH_3DES_EDE_CBC_SHA cipher is disabled. + TLS_RSA_WITH_AES_128_GCM_SHA256 + TLS_RSA_WITH_AES_256_GCM_SHA384 + If this policy is enabled, the corresponding cipher is disabled. -If this policy is enabled or not configured, the TLS_RSA_WITH_3DES_EDE_CBC_SHA cipher is enabled. +If this policy is disabled, the corresponding cipher is enabled. + +If this policy is not configured, the corresponding cipher is enabled or disabled based on the default in Firefox. Enable Encrypted Media Extensions If this policy is disabled, encrypted media extensions (like Widevine) are not downloaded by Firefox unless the user consents to installing them. @@ -776,6 +801,52 @@ If this policy is enabled or not configured, encrypted media extensions (like Wi If this policy is enabled and EncryptedMediaExtensions are disabled, Firefox will not download encrypted media extensions (like Widevine) or ask the user to install them. If this policy is not disabled or not configured, it has no effect. + Enable PDFjs + If this policy is disabled, the built-in PDF viewer is not used. + +If this policy is enabled or not configured, the built-in PDF viewer is used. + Enable Permissions + If this policy is enabled, the built-in PDF viewer will honor document permissions like preventing the copying of text. + +If this policy is not disabled or not configured, document permissions are ignored. + Enabled + If this policy is disabled, the Picture-in-Picture toggle does not appear on videos. + +If this policy is enabled or not configured, the Picture-in-Picture toggle is available on videos. + Locked + If this policy is enabled, Picture-in-Picture settings cannot be changed by the user. + +If this policy is disabled or not configured,Picture-in-Picture settings can be changed by the user. + Primary (Master) Password + If this policy is enabled, a primary password is required. + +If this policy is disabled, users cannot create a primary password. + +If this policy is not configured, users can choose to create a primary password. + Handlers + If this policy is enabled, you can use JSON to configure default application handlers. + +If this policy is disabled or not configured, Firefox defaults are used. + +For detailed information on creating the policy, see https://github.com/mozilla/policy-templates/blob/master/README.md#handlers. + Preferences + Note: In order to use this policy, you must clear all settings in the old Preferences (Deprecated) section. + +If this policy is enabled, you can use JSON to configure preferences. + +If this policy is disabled or not configured, preferences are not modified. + +For detailed information on creating the policy, see https://github.com/mozilla/policy-templates/blob/master/README.md#preferences. + Managed Bookmarks + If this policy is enabled, you can use JSON to configure managed bookmarks. + +If this policy is disabled or not configured, managed bookmarks are not added. + +For detailed information on creating the policy, see https://github.com/mozilla/policy-templates/blob/master/README.md#managedbookmarks. + Define domains allowed to access Google Workspace + If this policy is enabled, users can only access Google Workspace for the specified domains (separated by a comma). To allow access to Gmail, you can add consumer_accounts. + +If this policy is disabled or not configured, users can access any account on Google Workspace as well as Gmail. If this policy is enabled, the preference is locked to true. If this policy is disabled, the preference is locked to false. For a description of the preference, see: @@ -841,7 +912,8 @@ https://github.com/mozilla/policy-templates/blob/master/README.md#preferences.browser.newtabpage.activity-stream.default.sites extensions.htmlaboutaddons.recommendations.enabled media.peerconnection.enabled - media.peerconnection.ice.obfuscate_host_addresses.whitelist + media.peerconnection.ice.obfuscate_host_addresses.whitelist (Deprecated) + media.peerconnection.ice.obfuscate_host_addresses.blocklist security.osclientcerts.autoload security.tls.hello_downgrade_check widget.content.gtk-theme-override @@ -1062,6 +1134,9 @@ https://github.com/mozilla/policy-templates/blob/master/README.md#preferences. + + + @@ -1076,6 +1151,9 @@ https://github.com/mozilla/policy-templates/blob/master/README.md#preferences. + + +