X-Git-Url: https://git.p6c8.net/policy-templates.git/blobdiff_plain/ab83abd3ffd04493e2224424449f9992a82d52da..d22a49a88af0d5af08db04e0490727d9f2f97821:/docs/index.md

diff --git a/docs/index.md b/docs/index.md
index a0e1fe8..f65b8b1 100644
--- a/docs/index.md
+++ b/docs/index.md
@@ -77,6 +77,7 @@ Note: The `policies.json` must use the UTF-8 encoding.
 | **[`ExtensionUpdate`](#extensionupdate)** | Control extension updates.
 | **[`FirefoxHome`](#firefoxhome)** | Customize the Firefox Home page.
 | **[`FirefoxSuggest`](#firefoxsuggest)** | Customize Firefox Suggest.
+| **[`GenerativeAI`](#generativeai)** | Configure generative AI features.
 | **[`GoToIntranetSiteForSingleWordEntryInAddressBar`](#gotointranetsiteforsinglewordentryinaddressbar)** | Force direct intranet site navigation instead of searching when typing single word entries in the address bar.
 | **[`Handlers`](#handlers)** | Configure default application handlers.
 | **[`HardwareAcceleration`](#hardwareacceleration)** | Control hardware acceleration.
@@ -613,7 +614,7 @@ Value (string):
 ### AutoLaunchProtocolsFromOrigins
 Define a list of external protocols that can be used from listed origins without prompting the user. The origin is the scheme plus the hostname.
 
-The syntax of this policy is exactly the same as the [Chrome AutoLaunchProtocolsFromOrigins policy](https://cloud.google.com/docs/chrome-enterprise/policies/?policy=AutoLaunchProtocolsFromOrigins) except that you can only use valid origins (not just hostnames). This also means that you cannot specify an asterisk for all origins.
+The syntax of this policy is exactly the same as the [Chrome AutoLaunchProtocolsFromOrigins policy](https://chromeenterprise.google/policies/#AutoLaunchProtocolsFromOrigins) except that you can only use valid origins (not just hostnames). This also means that you cannot specify an asterisk for all origins.
 
 The schema is:
 ```
@@ -2891,7 +2892,9 @@ If this policy is not configured, tracking protection is not enabled by default
 
 If `Value` is set to false, tracking protection is disabled and locked in both the regular browser and private browsing.
 
-If `Value` is set to true, tracking protection is enabled by default in both the regular browser and private browsing and the `Locked` value determines whether or not a user can change it.
+If `Value` is set to true, tracking protection is enabled by default in both the regular browser and private browsing.
+
+If `Locked` is set to true, users cannot change tracking protection values.
 
 If `Cryptomining` is set to true, cryptomining scripts on websites are blocked.
 
@@ -2905,9 +2908,15 @@ If `SuspectedFingerprinting` is set to true, Firefox reduces the amount of infor
 
 `Category` can be either ```strict``` or ```standard```. If category is set, it overrides all other settings except `Exceptions` and the user cannot change the category. (Firefox 142, Firefox ESR 140.2)
 
-**Compatibility:** Firefox 60, Firefox ESR 60 (Cryptomining and Fingerprinting added in 70/68.2, Exceptions added in 73/68.5. Category added in Firefox 142/140.2.)\
+IF `BaselineExceptions` is true, Firefox will automatically apply exceptions required to avoid major website breakage. (Firefox 145)
+
+If `ConvenienceExceptions`is true, Firefox will apply exceptions automatically that are only required to fix minor issues and make convenience features available. (Firefox 145)
+
+Note: Users can change `BaselineExceptions` and `ConvenienceExceptions` even when `Category` is set to ```strict``` unless `Locked` is set to true.
+
+**Compatibility:** Firefox 60, Firefox ESR 60 (Cryptomining and Fingerprinting added in 70/68.2, Exceptions added in 73/68.5. Category added in Firefox 142/140.2. BaselineExceptions and ConvenienceExceptions added in Firefox 145)\
 **CCK2 Equivalent:** N/A\
-**Preferences Affected:** `privacy.trackingprotection.enabled`, `privacy.trackingprotection.pbmode.enabled`, `privacy.trackingprotection.cryptomining.enabled`, `privacy.trackingprotection.fingerprinting.enabled`
+**Preferences Affected:** `privacy.trackingprotection.enabled`, `privacy.trackingprotection.pbmode.enabled`, `privacy.trackingprotection.cryptomining.enabled`, `privacy.trackingprotection.fingerprinting.enabled`, `privacy.fingerprintingProtection`, `privacy.trackingprotection.emailtracking.enabled`, `privacy.trackingprotection.emailtracking.pbmode.enabled`, `privacy.trackingprotection.allow_list.baseline.enabled`, `privacy.trackingprotection.allow_list.convenience.enabled`
 
 #### Windows (GPO)
 ```
@@ -2919,6 +2928,8 @@ Software\Policies\Mozilla\Firefox\EnableTrackingProtection\EmailTracking = 0x1 |
 Software\Policies\Mozilla\Firefox\EnableTrackingProtection\SuspectedFingerprinting = 0x1 | 0x0
 Software\Policies\Mozilla\Firefox\EnableTrackingProtection\Exceptions\1 = "https://example.com"
 Software\Policies\Mozilla\Firefox\EnableTrackingProtection\Category = "strict" | "standard"
+Software\Policies\Mozilla\Firefox\EnableTrackingProtection\BaselineExceptions = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\EnableTrackingProtection\ConvenienceExceptions = 0x1 | 0x0
 ```
 #### Windows (Intune)
 OMA-URI:
@@ -2986,6 +2997,22 @@ Value (string):
 ```
 <enabled/> or <disabled/>
 ```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~TrackingProtection/H_TrackingProtection_BaselineExceptions
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~TrackingProtection/H_TrackingProtection_ConvenienceExceptions
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
 #### macOS
 ```
 <dict>
@@ -3009,6 +3036,10 @@ Value (string):
     <array>
       <string>https://example.com</string>
     </array>
+    <key>BaselineExceptions</key>
+    <true/> | <false/>
+    <key>ConvenienceExceptions</key>
+    <true/> | <false/>
   </dict>
 </dict>
 ```
@@ -3024,7 +3055,9 @@ Value (string):
       "EmailTracking": true | false,
       "SuspectedFingerprinting": true | false,
       "Category": "strict" | "standard",
-      "Exceptions": ["https://example.com"]
+      "Exceptions": ["https://example.com"],
+      "BaselineExceptions": true | false,
+      "ConvenienceExceptions": true | false
     }
   }
 }
@@ -3619,6 +3652,77 @@ Value (string):
   }
 }
 ```
+### GenerativeAI
+
+Configure generative AI features.
+
+`Enabled` Controls whether generative AI features are enabled by default. If false, all generative AI features are disabled by default. Individual generative AI policies can override this setting.
+
+`Chatbot` Controls access to AI chatbots in the sidebar. If false, AI chatbots are not available in the sidebar.
+
+`LinkPreviews` (Firefox 144+) Controls whether AI is used to generate link previews. If false, AI is not used to generate link previews.
+
+`TabGroups` (Firefox 144+) Controls whether AI is used to suggest names and tabs for tab groups. If false, AI is not used to suggest names or tabs for tab groups.
+
+`Locked` Prevents the user from changing generative AI preferences.
+
+**Compatibility:** Firefox 144, Firefox ESR 140.4\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `browser.ml.chat.enabled`, `browser.ml.chat.page`, `browser.ml.linkPreview.optin`, `browser.tabs.groups.smart.userEnabled`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\GenerativeAI\Enabled = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\GenerativeAI\Chatbot = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\GenerativeAI\LinkPreviews = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\GenerativeAI\TabGroups = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\GenerativeAI\Locked = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~GenerativeAI/GenerativeAI_Enabled
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~GenerativeAI/GenerativeAI_Chatbot
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~GenerativeAI/GenerativeAI_LinkPreviews
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~GenerativeAI/GenerativeAI_TabGroups
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~GenerativeAI/GenerativeAI_Locked
+```
+Value (string):
+```
+<enabled/> or <disabled/>
+```
+#### macOS
+```
+<dict>
+  <key>GenerativeAI</key>
+  <dict>
+    <key>Enabled</key>
+    <true/> | <false/>
+    <key>Chatbot</key>
+    <true/> | <false/>
+    <key>LinkPreviews</key>
+    <true/> | <false/>
+    <key>TabGroups</key>
+    <true/> | <false/>
+    <key>Locked</key>
+    <true/> | <false/>
+  </dict>
+</dict>
+```
+#### policies.json
+```
+{
+  "policies": {
+    "GenerativeAI": {
+      "Enabled": true | false,
+      "Chatbot": true | false,
+      "LinkPreviews": true | false,
+      "TabGroups": true | false,
+      "Locked": true | false
+    }
+  }
+}
+```
 ### GoToIntranetSiteForSingleWordEntryInAddressBar
 Whether to always go through the DNS server before sending a single word search string to a search engine.
 
@@ -6171,8 +6275,6 @@ or
   }
 }
 ```
-<a name="SanitizeOnShutdown"></a>
-
 ### SanitizeOnShutdown (Selective)
 Clear data on shutdown.
 
@@ -6376,8 +6478,6 @@ Value (string):
   }
 }
 ```
-<a name="SearchEngines"></a>
-
 ### SearchEngines
 
 As of Firefox 139, this policy is available in all versions of Firefox.