X-Git-Url: https://git.p6c8.net/policy-templates.git/blobdiff_plain/8ef759eddb4a731bfa45899077e8adb5efe50d09..ebbc26bde0d4591515b0ae17b1baff173c4f90bc:/README.md
diff --git a/README.md b/README.md
index f62e6e9..77b8f74 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,5 @@
+**IMPORTANT**: Complete Firefox 68 policies will be released later today.
+
**IMPORTANT**: This file is in active development along with the policies in Firefox. Make sure to check the compatibility section to see if a policy is available in a specific version of Firefox. To get the policy information that corresponds to a specific release, go to https://github.com/mozilla/policy-templates/releases.
Policies can be specified using the Group Policy templates on Windows (https://github.com/mozilla/policy-templates/tree/master/windows), configuration profiles on macOS (https://github.com/mozilla/policy-templates/tree/master/mac), or by creating a file called `policies.json`. On Windows, create a directory called `distribution` where the EXE is located and place the file there. On Mac, the file goes into `Firefox.app/Contents/Resources/distribution`. On Linux, the file goes into `firefox/distribution`, where `firefox` is the installation directory for firefox, which varies by distribution.
@@ -31,14 +33,16 @@ Policies can be specified using the Group Policy templates on Windows (https://g
| **[`DisablePrivateBrowsing`](#disableprivatebrowsing)** | Remove access to private browsing.
| **[`DisableProfileImport`](#disableprofileimport)** | Disables the "Import data from another browser" option in the bookmarks window.
| **[`DisableProfileRefresh`](#disableprofilerefresh)** | Disable the Refresh Firefox button on about:support and support.mozilla.org
-| **[`DisableSafeMode`](#disablesafemode)** | Disable safe mode.
+| **[`DisableSafeMode`](#disablesafemode)** | Disable safe mode within the browser.
| **[`DisableSecurityBypass`](#disablesecuritybypass)** | Prevent the user from bypassing security in certain cases.
| **[`DisableSystemAddonUpdate`](#disablesystemaddonupdate)** | Prevent system add-ons from being installed or update.
| **[`DisableTelemetry`](#disabletelemetry)** | DisableTelemetry
| **[`DisplayBookmarksToolbar`](#displaybookmarkstoolbar)** | Set the initial state of the bookmarks toolbar.
-| **[`DisplayMenuBar`](#displaymenubar)** | Set the initial state of the menubar
+| **[`DisplayMenuBar`](#displaymenubar)** | Set the initial state of the menubar.
| **[`DNSOverHTTPS`](#dnsoverhttps)** | Configure DNS over HTTPS.
| **[`DontCheckDefaultBrowser`](#dontcheckdefaultbrowser)** | Don't check if Firefox is the default browser at startup.
+| **[`DefaultDownloadDirectory`](#defaultdownloaddirectory)** | Set the default download directory.
+| **[`DownloadDirectory`](#downloaddirectory)** | Set and lock the download directory.
| **[`EnableTrackingProtection`](#enabletrackingprotection)** | Configure tracking protection.
| **[`Extensions`](#extensions)** | Control the installation, uninstallation and locking of extensions.
| **[`ExtensionUpdate`](#extensionupdate)** | Control extension updates.
@@ -46,16 +50,21 @@ Policies can be specified using the Group Policy templates on Windows (https://g
| **[`HardwareAcceleration`](#hardwareacceleration)** | Control hardware acceleration.
| **[`Homepage`](#homepage)** | Configure the default homepage and how Firefox starts.
| **[`InstallAddonsPermission`](#installaddonspermission)** | Configure the default extension install policy as well as origins for extension installs are allowed.
+| **[`LocalFileLinks`](#localfilelinks)** | Enable linking to local files by origin.
| **[`NetworkPrediction`](#networkprediction)** | Enable or disable network prediction (DNS prefetching).
+| **[`NewTabPage`](#newtabpage)** | Enable or disable the New Tab page.
| **[`NoDefaultBookmarks`](#nodefaultbookmarks)** | Disable the creation of default bookmarks.
| **[`OfferToSaveLogins`](#offertosavelogins)** | Control whether or not Firefox offers to save passwords.
| **[`OverrideFirstRunPage`](#overridefirstrunpage)** | Override the first run page.
| **[`OverridePostUpdatePage`](#overridepostupdatepage)** | Override the upgrade page.
-| **[`PopupBlocking`](#popupblocking)** | Configure the default pop-up window policy as well as origins for which pop-up windows are allowed.
| **[`Permissions`](#permissions)** | Set permissions associated with camera, microphone, location, and notifications.
+| **[`PopupBlocking`](#popupblocking)** | Configure the default pop-up window policy as well as origins for which pop-up windows are allowed.
+| **[`Preferences`](#preferences)** | Set and lock some preferences.
+| **[`PromptForDownloadLocation`](#promptfordownloadlocation)** | Ask where to save each file before downloading.
| **[`Proxy`](#proxy)** | Configure proxy settings.
| **[`RequestedLocales`](#requestedlocales)** | Set the the list of requested locales for the application in order of preference.
-| **[`SanitizeOnShutdown`](#sanitizeonshutdown)** | Clear all data on shutdown.
+| **[`SanitizeOnShutdown` (All)](#sanitizeonshutdown-all)** | Clear all data on shutdown.
+| **[`SanitizeOnShutdown` (Selective)](#sanitizeonshutdown-selective)** | Clear data on shutdown.
| **[`SearchBar`](#searchbar)** | Set whether or not search bar is displayed.
| **[`SearchEngines`](#searchengines-this-policy-is-only-available-on-the-esr)** |
| **[`SearchEngines -> Default`](#searchengines--default)** | Set the default search engine.
@@ -63,6 +72,7 @@ Policies can be specified using the Group Policy templates on Windows (https://g
| **[`SearchEngines -> Remove`](#searchengines--remove)** | Hide built-in search engines.
| **[`SearchEngines -> Add`](#searchengines--add)** | Add new search engines.
| **[`SecurityDevices`](#securitydevices)** | Install PKCS #11 modules.
+| **[`SearchSuggestEnabled`](#searchsuggestenabled)** | Enable search suggestions.
| **[`SSLVersionMax`](#sslversionmax)** | Set and lock the maximum version of TLS.
| **[`SSLVersionMin`](#sslversionmin)** | Set and lock the minimum version of TLS.
| **[`WebsiteFilter`](#websitefilter)** | Block websites from being visited.
@@ -907,7 +917,9 @@ Software\Policies\Mozilla\Firefox\DisableProfileRefresh = 0x1 | 0x0
}
```
### DisableSafeMode
-Disable safe mode.
+Disable safe mode within the browser.
+
+On Windows, this disables safe mode via the command line as well.
**Compatibility:** Firefox 60, Firefox ESR 60 (Windows, macOS)\
**CCK2 Equivalent:** `disableSafeMode`\
@@ -1147,6 +1159,60 @@ Software\Policies\Mozilla\Firefox\DontCheckDefaultBrowser = 0x1 | 0x0
}
}
```
+### DefaultDownloadDirectory
+Set the default download directory.
+
+You can use ${home} for the native home directory.
+
+**Compatibility:** Firefox 68, Firefox ESR 68\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `browser.download.dir`,`browser.download.folderList`
+
+#### Windows
+```
+Software\Policies\Mozilla\Firefox\DefaultDownloadDirectory = "${home}\Downloads"
+```
+#### macOS
+```
+
+ DefaultDownloadDirectory
+ ${home}/Downloads
+
+```
+#### JSON
+```
+{
+ "policies": {
+ "DefaultDownloadDirectory": "${home}/Downloads"
+}
+```
+### DownloadDirectory
+Set and lock the download directory.
+
+You can use ${home} for the native home directory.
+
+**Compatibility:** Firefox 68, Firefox ESR 68\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `browser.download.dir`,`browser.download.folderList`,`browser.download.useDownloadDir`
+
+#### Windows
+```
+Software\Policies\Mozilla\Firefox\DownloadDirectory = "${home}\Downloads"
+```
+#### macOS
+```
+
+ DownloadDirectory
+ ${home}/Downloads
+
+```
+#### JSON
+```
+{
+ "policies": {
+ "DownloadDirectory": "${home}/Downloads"
+}
+```
### EnableTrackingProtection
Configure tracking protection.
@@ -1450,6 +1516,37 @@ Software\Policies\Mozilla\Firefox\InstallAddonsPermission\Default = 0x1 | 0x0
}
}
```
+### LocalFileLinks
+Enable linking to local files by origin.
+
+**Compatibility:** Firefox 68, Firefox ESR 68\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `capability.policy.localfilelinks.*`
+
+#### Windows
+```
+Software\Policies\Mozilla\Firefox\LocalFileLinks\1 = "https://example.org"
+Software\Policies\Mozilla\Firefox\LocalFileLinks\2 = "https://example.edu"
+```
+#### macOS
+```
+
+ LocalFileLinks
+
+ http://example.org
+ http://example.edu
+
+
+```
+#### JSON
+```
+{
+ "policies": {
+ "LocalFileLinks": ["http://example.org/",
+ "http://example.edu/"]
+ }
+}
+```
### NoDefaultBookmarks
Disable the creation of default bookmarks.
@@ -1479,7 +1576,7 @@ Software\Policies\Mozilla\Firefox\NoDefaultBookmarks = 0x1 | 0x0
}
```
### NetworkPrediction
-Enable or disable network prediction (DNS prefetching).
+Enable or disable network prediction (DNS prefetching).
**Compatibility:** Firefox 67, Firefox ESR 60.7\
**CCK2 Equivalent:** N/A\
@@ -1503,6 +1600,31 @@ Software\Policies\Mozilla\Firefox\NetworkPrediction = 0x1 | 0x0
"NetworkPrediction": true | false
}
```
+### NewTabPage
+Enable or disable the New Tab page.
+
+**Compatibility:** Firefox 68, Firefox ESR 68\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `browser.newtabpage.enabled`
+
+#### Windows
+```
+Software\Policies\Mozilla\Firefox\NewTabPage = 0x1 | 0x0
+```
+#### macOS
+```
+
+ NewTabPage
+ |
+
+```
+#### JSON
+```
+{
+ "policies": {
+ "NewTabPage": true | false
+}
+```
### OfferToSaveLogins
Control whether or not Firefox offers to save passwords.
@@ -1551,7 +1673,7 @@ Software\Policies\Mozilla\Firefox\OverrideFirstRunPage = "http://example.org"
```
{
"policies": {
- "OverrideFirstRunPage": ""http://example.org""
+ "OverrideFirstRunPage": "http://example.org"
}
```
### OverridePostUpdatePage
@@ -1576,7 +1698,7 @@ Software\Policies\Mozilla\Firefox\OverridePostUpdatePage = "http://example.org"
```
{
"policies": {
- "OverridePostUpdatePage": ""http://example.org""
+ "OverridePostUpdatePage": "http://example.org"
}
```
### Permissions
@@ -1764,8 +1886,95 @@ Software\Policies\Mozilla\Firefox\PopupBlocking\Locked = 0x1 | 0x0
}
}
```
+### Preferences
+Set and lock certain preferences.
+
+**Compatibility:** See below\
+**CCK2 Equivalent:** `preferences`\
+**Preferences Affected:** See below
+
+| Preference | Type | Compatibility
+| --- | --- | ---
+| app.update.auto | boolean | Firefox 68, Firefox 68 ESR
+| browser.cache.disk.enable | boolean | Firefox 68, Firefox 68 ESR
+| browser.cache.disk.parent_directory | string | Firefox 68, Firefox 68 ESR
+| browser.fixup.dns_first_for_single_words | boolean | Firefox 68, Firefox 68 ESR
+| browser.search.update | boolean | Firefox 68, Firefox 68 ESR
+| browser.tabs.warnOnClose | boolean | Firefox 68, Firefox 68 ESR
+| browser.urlbar.suggest.bookmark | boolean | Firefox 68, Firefox 68 ESR
+| browser.urlbar.suggest.history | boolean | Firefox 68, Firefox 68 ESR
+| browser.urlbar.suggest.openpage | boolean | Firefox 68, Firefox 68 ESR
+| datareporting.policy.dataSubmissionPolicyBypassNotification | boolean | Firefox 68, Firefox 68 ESR
+| dom.disable_window_flip | boolean | Firefox 68, Firefox 68 ESR
+| dom.disable_window_move_resize | boolean | Firefox 68, Firefox 68 ESR
+| dom.event.contextmenu.enabled | boolean | Firefox 68, Firefox 68 ESR
+| dom.keyboardevent.keypress.hack.dispatch_non_printable_keys.addl | string | Firefox 68, Firefox 68 ESR
+| dom.keyboardevent.keypress.hack.use_legacy_keycode_and_charcode.addl | string | Firefox 68, Firefox 68 ESR
+| extensions.getAddons.showPane | boolean | Firefox 68, Firefox 68 ESR
+| media.gmp-gmpopenh264.enabled | boolean | Firefox 68, Firefox 68 ESR
+| media.gmp-widevinecdm.enabled | boolean | Firefox 68, Firefox 68 ESR
+| network.dns.disableIPv6 | boolean | Firefox 68, Firefox 68 ESR
+| network.IDN_show_punycode | boolean | Firefox 68, Firefox 68 ESR
+| places.history.enabled | boolean | Firefox 68, Firefox 68 ESR
+| security.default_personal_cert | string | Firefox 68, Firefox 68 ESR
+| security.ssl.errorReporting.enabled | boolean | Firefox 68, Firefox 68 ESR
+| ui.key.menuAccessKeyFocuses | boolean | Firefox 68, Firefox 68 ESR
+#### Windows
+```
+Software\Policies\Mozilla\Firefox\Preferences\boolean_preference_name = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\Preferences\string_preference_name = "string_value"
+```
+#### macOS
+```
+
+ Preference
+
+ boolean_preference_name
+ |
+ string_preference_name
+ string_value
+
+
+```
+#### JSON
+```
+{
+ "policies": {
+ "Preference": {
+ "boolean_preference_name": true | false,
+ "string_preference_name": "string_value"
+ }
+ }
+}
+```
+### PromptForDownloadLocation
+Ask where to save each file before downloading.
+
+**Compatibility:** Firefox 68, Firefox ESR 68\
+**CCK2 Equivalent:** N/A
+**Preferences Affected:** `browser.download.useDownloadDir`
+
+#### Windows
+```
+Software\Policies\Mozilla\Firefox\PromptForDownloadLocation = 0x1 | 0x0
+```
+#### macOS
+```
+
+ PromptForDownloadLocation
+ |
+
+```
+#### JSON
+```
+{
+ "policies": {
+ "PromptForDownloadLocation": true | false
+ }
+}
+```
### Proxy
-Configugre proxy settings. These settings correspond to the connection settings in Firefox preferences.
+Configure proxy settings. These settings correspond to the connection settings in Firefox preferences.
To specify ports, append them to the hostnames with a colon (:).
`Mode` is the proxy method being used.
@@ -1893,12 +2102,70 @@ Software\Policies\Mozilla\Firefox\RequestedLocales\2 = "en-US"
}
}
```
-### SanitizeOnShutdown
+### SanitizeOnShutdown (Selective)
+Clear data on shutdown. Choose from Cache, Cookies, Download History, Form & Search History, Browsing History, Active Logins, Site Preferences and Offline Website Data.
+
+**Compatibility:** Firefox 68, Firefox ESR 68\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `privacy.sanitize.sanitizeOnShutdown`,`privacy.clearOnShutdown.cache`,`privacy.clearOnShutdown.cookies`,`privacy.clearOnShutdown.downloads`,`privacy.clearOnShutdown.formdata`,`privacy.clearOnShutdown.history`,`privacy.clearOnShutdown.sessions`,`privacy.clearOnShutdown.siteSettings`,`privacy.clearOnShutdown.offlineApps`
+#### Windows
+```
+Software\Policies\Mozilla\Firefox\SanitizeOnShutdown\Cache = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\SanitizeOnShutdown\Cookies = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\SanitizeOnShutdown\Downloads = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\SanitizeOnShutdown\FormData = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\SanitizeOnShutdown\History = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\SanitizeOnShutdown\Sessions = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\SanitizeOnShutdown\SiteSettings = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\SanitizeOnShutdown\OfflineApps = 0x1 | 0x0
+```
+#### macOS
+```
+
+ SanitizeOnShutdown
+
+ Cache
+ |
+ Cookies
+ |
+ Downloads
+ |
+ FormData
+ |
+ History
+ |
+ Sessions
+ |
+ SiteSettings
+ |
+ OfflineApps
+ |
+
+
+```
+#### JSON
+```
+{
+ "policies": {
+ "SanitizeOnShutdown": {
+ "Cache": true | false,
+ "Cookies": true | false,
+ "Downloads": true | false,
+ "FormData": true | false,
+ "History": true | false,
+ "Sessions": true | false,
+ "SiteSettings": true | false,
+ "OfflineApps": true | false
+ }
+ }
+}
+```
+### SanitizeOnShutdown (All)
Clear all data on shutdown, including Browsing & Download History, Cookies, Active Logins, Cache, Form & Search History, Site Preferences and Offline Website Data.
**Compatibility:** Firefox 60, Firefox ESR 60\
**CCK2 Equivalent:** N/A\
-**Preferences Affected:** `privacy.sanitize.sanitizeOnShutdown,privacy.clearOnShutdown.cache,privacy.clearOnShutdown.cookies,privacy.clearOnShutdown.downloads,privacy.clearOnShutdown.formdata,privacy.clearOnShutdown.history,privacy.clearOnShutdown.sessions,privacy.clearOnShutdown.siteSettings,privacy.clearOnShutdown.offlineApps`
+**Preferences Affected:** `privacy.sanitize.sanitizeOnShutdown`,`privacy.clearOnShutdown.cache`,`privacy.clearOnShutdown.cookies`,`privacy.clearOnShutdown.downloads`,`privacy.clearOnShutdown.formdata`,`privacy.clearOnShutdown.history`,`privacy.clearOnShutdown.sessions`,`privacy.clearOnShutdown.siteSettings`,`privacy.clearOnShutdown.offlineApps`
#### Windows
```
Software\Policies\Mozilla\Firefox\SanitizeOnShutdown = 0x1 | 0x0
@@ -2128,6 +2395,33 @@ Software\Policies\Mozilla\Firefox\SearchEngines\Add\1\SuggestURLTemplate = "http
}
}
```
+### SearchSuggestEnabled
+
+Enable search suggestions.
+
+**Compatibility:** Firefox 68, Firefox ESR 68\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `browser.urlbar.suggest.searches`,`browser.search.suggest.enabled`
+
+### Windows
+```
+Software\Policies\Mozilla\Firefox\SearchSuggestEnabled = 0x1 | 0x0
+```
+#### macOS
+```
+
+ SearchSuggestEnabled
+ |
+
+```
+### JSON
+```
+{
+ "policies": {
+ "SearchSuggestEnabled": true | false
+ }
+}
+```
### SecurityDevices
Install PKCS #11 modules.