X-Git-Url: https://git.p6c8.net/policy-templates.git/blobdiff_plain/83649c1a4f058ed4d9da2ae495a42876b3010e4b..8bd4f068db442aa6c79fc4d2c44b4a7b289b9a78:/README.md
diff --git a/README.md b/README.md
index e315c11..8148a25 100644
--- a/README.md
+++ b/README.md
@@ -59,8 +59,10 @@ Policies can be specified using the Group Policy templates on Windows (https://g
| **[`NewTabPage`](#newtabpage)** | Enable or disable the New Tab page.
| **[`NoDefaultBookmarks`](#nodefaultbookmarks)** | Disable the creation of default bookmarks.
| **[`OfferToSaveLogins`](#offertosavelogins)** | Control whether or not Firefox offers to save passwords.
+| **[`OfferToSaveLoginsDefault`](#offertosaveloginsdefault)** | Set the default value for whether or not Firefox offers to save passwords.
| **[`OverrideFirstRunPage`](#overridefirstrunpage)** | Override the first run page.
| **[`OverridePostUpdatePage`](#overridepostupdatepage)** | Override the upgrade page.
+| **[`PasswordManagerEnabled`](#passwordmanagerenabled)** | Remove (some) access to the password manager.
| **[`Permissions`](#permissions)** | Set permissions associated with camera, microphone, location, and notifications.
| **[`PopupBlocking`](#popupblocking)** | Configure the default pop-up window policy as well as origins for which pop-up windows are allowed.
| **[`Preferences`](#preferences)** | Set and lock some preferences.
@@ -115,9 +117,9 @@ Configure sites that support integrated authentication.
See https://developer.mozilla.org/en-US/docs/Mozilla/Integrated_authentication for more information.
-**Compatibility:** Firefox 60, Firefox ESR 60 (AllowNonFQDN added in 62/60.2)\
+**Compatibility:** Firefox 60, Firefox ESR 60 (AllowNonFQDN added in 62/60.2, AllowProxies added in 70/68.2)\
**CCK2 Equivalent:** N/A\
-**Preferences Affected:** `network.negotiate-auth.trusted-uris`, `network.negotiate-auth.delegation-uris`, `network.automatic-ntlm-auth.trusted-uris`, `network.automatic-ntlm-auth.allow-non-fqdn`, `network.negotiate-auth.allow-non-fqdn`
+**Preferences Affected:** `network.negotiate-auth.trusted-uris`,`network.negotiate-auth.delegation-uris`,`network.automatic-ntlm-auth.trusted-uris`,`network.automatic-ntlm-auth.allow-non-fqdn`,`network.negotiate-auth.allow-non-fqdn`,`network.automatic-ntlm-auth.allow-proxies`,`network.negotiate-auth.allow-proxies`
#### Windows
```
@@ -129,6 +131,8 @@ Software\Policies\Mozilla\Firefox\Authentication\NTLM\1 = "mydomain.com"
Software\Policies\Mozilla\Firefox\Authentication\NTLM\2 = "https://myotherdomain.com"
Software\Policies\Mozilla\Firefox\Authentication\AllowNonFQDN\SPNEGO = 0x1 | 0x0
Software\Policies\Mozilla\Firefox\Authentication\AllowNonFQDN\NTLM = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\Authentication\AllowProxies\SPNEGO = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\Authentication\AllowProxies\NTLM = 0x1 | 0x0
```
#### macOS
```
@@ -157,6 +161,13 @@ Software\Policies\Mozilla\Firefox\Authentication\AllowNonFQDN\NTLM = 0x1 | 0x0
NTLM
|
+ AllowProxies
+
+ SPNEGO
+ |
+ NTLM
+ |
+
```
@@ -171,6 +182,10 @@ Software\Policies\Mozilla\Firefox\Authentication\AllowNonFQDN\NTLM = 0x1 | 0x0
"AllowNonFQDN": {
"SPNEGO": true | false,
"NTLM": true | false
+ },
+ "AllowProxies": {
+ "SPNEGO": true | false,
+ "NTLM": true | false
}
}
}
@@ -1240,14 +1255,20 @@ If `Value` is set to false, tracking protection is disabled and locked in both t
If `Value` is set to true, tracking protection is enabled by default in both the regular browser and private browsing and the `Locked` value determines whether or not a user can change it.
-**Compatibility:** Firefox 60, Firefox ESR 60\
+If `Cryptomining` is set to true, cryptomining scripts on websites are blocked.
+
+If `Fingerprinting` is set to true, fingerprinting scripts on websites are blocked.
+
+**Compatibility:** Firefox 60, Firefox ESR 60 (Cryptomining and Fingerprinting added in 70/68.2)\
**CCK2 Equivalent:** `dontCheckDefaultBrowser`\
-**Preferences Affected:** `privacy.trackingprotection.enabled`,`privacy.trackingprotection.pbmode.enabled`
+**Preferences Affected:** `privacy.trackingprotection.enabled`,`privacy.trackingprotection.pbmode.enabled`,`privacy.trackingprotection.cryptomining.enabled`,`privacy.trackingprotection.fingerprinting.enabled`
#### Windows
```
Software\Policies\Mozilla\Firefox\EnableTrackingProtection\Value = 0x1 | 0x0
Software\Policies\Mozilla\Firefox\EnableTrackingProtection\Locked = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\EnableTrackingProtection\Cryptomining = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\EnableTrackingProtection\Fingerprinting = 0x1 | 0x0
```
#### macOS
```
@@ -1256,9 +1277,12 @@ Software\Policies\Mozilla\Firefox\EnableTrackingProtection\Locked = 0x1 | 0x0
Value
|
-
|
+
+ |
+
+ |
```
@@ -1268,7 +1292,9 @@ Software\Policies\Mozilla\Firefox\EnableTrackingProtection\Locked = 0x1 | 0x0
"policies": {
"EnableTrackingProtection": {
"Value": [true, false],
- "Locked": [true, false]
+ "Locked": [true, false],
+ "Cryptomining": [true, false],
+ "Fingerprinting": [true, false]
}
}
```
@@ -1824,6 +1850,32 @@ Software\Policies\Mozilla\Firefox\OfferToSaveLogins = 0x1 | 0x0
}
}
```
+### OfferToSaveLoginsDefault
+Sets the default value of signon.rememberSignons without locking it.
+
+**Compatibility:** Firefox 70, Firefox ESR 60.2\
+**CCK2 Equivalent:** `dontRememberPasswords`\
+**Preferences Affected:** `signon.rememberSignons`
+
+#### Windows
+```
+Software\Policies\Mozilla\Firefox\OfferToSaveLoginsDefault = 0x1 | 0x0
+```
+#### macOS
+```
+
+ OfferToSaveLoginsDefault
+ |
+
+```
+#### JSON
+```
+{
+ "policies": {
+ "OfferToSaveLoginsDefault": true | false
+ }
+}
+```
### OverrideFirstRunPage
Override the first run page. If the value is blank, no first run page is displayed.
@@ -1874,6 +1926,32 @@ Software\Policies\Mozilla\Firefox\OverridePostUpdatePage = "http://example.org"
"OverridePostUpdatePage": "http://example.org"
}
```
+### PasswordManagerEnabled
+Remove access to the password manager via preferences and blocks about:logins on Firefox 70.
+
+**Compatibility:** Firefox 70, Firefox ESR 60.2\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `prefs.privacy.disable_button.view_passwords`
+
+#### Windows
+```
+Software\Policies\Mozilla\Firefox\PasswordManagerEnabled = 0x1 | 0x0
+```
+#### macOS
+```
+
+ PasswordManagerEnabled
+ |
+
+```
+#### JSON
+```
+{
+ "policies": {
+ "PasswordManagerEnabled": true | false
+ }
+}
+```
### Permissions
Set permissions associated with camera, microphone, location, and notifications
@@ -2075,9 +2153,9 @@ Set and lock certain preferences.
| browser.bookmarks.autoExportHTML | boolean | Firefox 70, Firefox ESR 6.2 | false
| If true, bookmarks are exported on shutdown.
| browser.bookmarks.file | string | Firefox 70, Firefox ESR 6.2 | N/A
-|
+| If set, the name of the file where bookmarks are exported and imported.
| browser.bookmarks.restore_default_bookmarks | string | Firefox 70, Firefox ESR 6.2 | N/A
-| If true, bookmarks are restored from the profile at startup.
+| If true, bookmarks are restored to their defaults.
| browser.cache.disk.enable | boolean | Firefox 68, Firefox ESR 68 | true
| If false, don't store cache on the hard drive.
| browser.cache.disk.parent_directory | string | Firefox 68, Firefox ESR 68 | Profile temporary directory
@@ -2085,7 +2163,7 @@ Set and lock certain preferences.
| browser.fixup.dns_first_for_single_words | boolean | Firefox 68, Firefox ESR 68 | false
| If true, single words are sent to DNS, not directly to search.
| browser.places.importBookmarksHTML | string | Firefox 70, Firefox ESR 6.2
-|
+| If true, bookmarks are always imported on startup.
| browser.safebrowsing.phishing.enabled | string | Firefox 70, Firefox ESR 6.2 | true
| If false, phishing protection is not enabled (Not recommended)
| browser.safebrowsing.malware.enabled | string | Firefox 70, Firefox ESR 6.2 | true