X-Git-Url: https://git.p6c8.net/policy-templates.git/blobdiff_plain/697516d511c39940a6482f39e6b0d082cf872239..55d1d84bbc71aa851f2727fdeabbec32d7084f8e:/README.md

diff --git a/README.md b/README.md
index e8f1148..9cd4d11 100644
--- a/README.md
+++ b/README.md
@@ -2,7 +2,7 @@
 
 **You should use the [officially released versions](https://github.com/mozilla/policy-templates/releases) if you are deploying changes.**
 
-Policies can be specified using the [Group Policy templates on Windows](https://github.com/mozilla/policy-templates/tree/master/windows), [Intune on Windows](https://support.mozilla.org/kb/managing-firefox-intune), [configuration profiles on macOS](https://github.com/mozilla/policy-templates/tree/master/mac), or by creating a file called `policies.json`. On Windows, create a directory called `distribution` where the EXE is located and place the file there. On Mac, the file goes into `Firefox.app/Contents/Resources/distribution`.  On Linux, the file goes into `firefox/distribution`, where `firefox` is the installation directory for firefox, which varies by distribution.
+Policies can be specified using the [Group Policy templates on Windows](https://github.com/mozilla/policy-templates/tree/master/windows), [Intune on Windows](https://support.mozilla.org/kb/managing-firefox-intune), [configuration profiles on macOS](https://github.com/mozilla/policy-templates/tree/master/mac), or by creating a file called `policies.json`. On Windows, create a directory called `distribution` where the EXE is located and place the file there. On Mac, the file goes into `Firefox.app/Contents/Resources/distribution`.  On Linux, the file goes into `firefox/distribution`, where `firefox` is the installation directory for firefox, which varies by distribution or you can specify system-wide policy by placing the file in `/etc/firefox/policies`.
 
 | Policy Name | Description
 | --- | --- |
@@ -69,7 +69,9 @@ Policies can be specified using the [Group Policy templates on Windows](https://
 | **[`OverrideFirstRunPage`](#overridefirstrunpage)** | Override the first run page.
 | **[`OverridePostUpdatePage`](#overridepostupdatepage)** | Override the upgrade page.
 | **[`PasswordManagerEnabled`](#passwordmanagerenabled)** | Remove (some) access to the password manager.
+| **[`PDFjs`](#pdfjs)** | Disable or configure PDF.js, the built-in PDF viewer.
 | **[`Permissions`](#permissions)** | Set permissions associated with camera, microphone, location, and notifications.
+| **[`PictureInPicture`](#pictureinpicture)** | Enable or disable Picture-in-Picture.
 | **[`PopupBlocking`](#popupblocking)** | Configure the default pop-up window policy as well as origins for which pop-up windows are allowed.
 | **[`Preferences`](#preferences)** | Set and lock some preferences.
 | **[`PromptForDownloadLocation`](#promptfordownloadlocation)** | Ask where to save each file before downloading.
@@ -1558,8 +1560,8 @@ Value (string):
 {
   "policies": {
     "DisableSecurityBypass": {
-      "InvalidCertificate": true false,
-      "SafeBrowsing": true false
+      "InvalidCertificate": true | false,
+      "SafeBrowsing": true | false
     }
   }
 }
@@ -2017,10 +2019,10 @@ Value (string):
 {
   "policies": {
     "EnableTrackingProtection": {
-      "Value": [true, false],
-      "Locked": [true, false],
-      "Cryptomining": [true, false],
-      "Fingerprinting": [true, false],
+      "Value": true | false,
+      "Locked": true | false,
+      "Cryptomining": true | false,
+      "Fingerprinting": true | false,
       "Exceptions": ["https://example.com"]
     }
 }
@@ -2068,8 +2070,8 @@ Value (string):
 {
   "policies": {
     "EncryptedMediaExtensions": {
-      "Enabled": [true, false],
-      "Locked": [true, false]
+      "Enabled": true | false,
+      "Locked": true | false
     }
 }
 ```
@@ -2964,6 +2966,56 @@ Value (string):
   }
 }
 ```
+### PDFjs
+Disable or configure PDF.js, the built-in PDF viewer.
+
+If `Enabled` is set to false, the built-in PDF viewer is disabled.
+
+If `EnablePermissions` is set to true, the built-in PDF viewer will honor document permissions like preventing the copying of text.
+
+Note: DisableBuiltinPDFViewer has not been deprecated. You can either continue to use it, or switch to using PDFjs->Enabled to disable the built-in PDF viewer. This new permission was added because we needed a place for PDFjs->EnabledPermissions.
+
+**Compatibility:** Firefox 77, Firefox ESR 68.9\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `pdfjs.diabled`,`pdfjs.enablePermissions`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\PDFjs\Enabled = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\PDFjs\EnablePermissions = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~PDFjs/PDFjs_Enabled
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~PDFjs/PDFjs_EnablePermissions
+```
+Value (string):
+```
+<enabled/>or <disabled/>
+```
+#### macOS
+```
+<dict>
+  <key>PDFjs</key>
+  <dict>
+    <key>Enabled</key>
+    <true/> | <false/>
+    <key><EnablePermissions</key>
+    <true/> | <false/>
+  </dict>
+</dict>
+```
+#### policies.json
+```
+{
+  "policies": {
+    "PSFjs": {
+      "Enabled": true | false,
+      "EnablePermissions": true | false
+    }
+}
+```
 ### Permissions
 Set permissions associated with camera, microphone, location, notifications, and autoplay. Because these are origins, not domains, entries with unique ports must be specified separately. See examples below.
 
@@ -3205,6 +3257,42 @@ Value (string):
   }
 }
 ```
+### PictureInPicture
+
+Enable or disable Picture-in-Picture.
+
+**Compatibility:** Firefox 78, Firefox ESR 78\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `media.videocontrols.picture-in-picture.video-toggle.enabled`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\PictureInPicture = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/PictureInPicture
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+  <key>PictureInPicture</key>
+  <true/> | <false/>
+</dict>
+```
+#### policies.json
+```
+{
+  "policies": {
+    "PictureInPicture": true | false
+  }
+}
+```
 ### PopupBlocking
 Configure the default pop-up window policy as well as origins for which pop-up windows are allowed.
 
@@ -3567,17 +3655,17 @@ Value (string):
   "policies": {
     "Proxy": {
       "Mode": "none", "system", "manual", "autoDetect", "autoConfig",
-      "Locked": [true, false],
+      "Locked": true | false,
       "HTTPProxy": "hostname",
-      "UseHTTPProxyForAllProtocols": [true, false],
+      "UseHTTPProxyForAllProtocols": true | false,
       "SSLProxy": "hostname",
       "FTPProxy": "hostname",
       "SOCKSProxy": "hostname",
       "SOCKSVersion": 4 | 5
       "Passthrough": "<local>",
       "AutoConfigURL": "URL_TO_AUTOCONFIG",
-      "AutoLogin":  [true, false],
-      "UseProxyForDNS": [true, false]
+      "AutoLogin": true | false,
+      "UseProxyForDNS": true | false
     }
   }
 }