X-Git-Url: https://git.p6c8.net/policy-templates.git/blobdiff_plain/ce119070a59c392d4449329342bdb110f50ffe0c..ebbc26bde0d4591515b0ae17b1baff173c4f90bc:/README.md?ds=sidebyside

diff --git a/README.md b/README.md
index f62e6e9..77b8f74 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,5 @@
+**IMPORTANT**: Complete Firefox 68 policies will be released later today.
+
 **IMPORTANT**: This file is in active development along with the policies in Firefox. Make sure to check the compatibility section to see if a policy is available in a specific version of Firefox. To get the policy information that corresponds to a specific release, go to https://github.com/mozilla/policy-templates/releases.
 
 Policies can be specified using the Group Policy templates on Windows (https://github.com/mozilla/policy-templates/tree/master/windows), configuration profiles on macOS (https://github.com/mozilla/policy-templates/tree/master/mac), or by creating a file called `policies.json`. On Windows, create a directory called `distribution` where the EXE is located and place the file there. On Mac, the file goes into `Firefox.app/Contents/Resources/distribution`.  On Linux, the file goes into `firefox/distribution`, where `firefox` is the installation directory for firefox, which varies by distribution.
@@ -31,14 +33,16 @@ Policies can be specified using the Group Policy templates on Windows (https://g
 | **[`DisablePrivateBrowsing`](#disableprivatebrowsing)** | Remove access to private browsing.
 | **[`DisableProfileImport`](#disableprofileimport)** | Disables the "Import data from another browser" option in the bookmarks window.
 | **[`DisableProfileRefresh`](#disableprofilerefresh)** | Disable the Refresh Firefox button on about:support and support.mozilla.org
-| **[`DisableSafeMode`](#disablesafemode)** | Disable safe mode.
+| **[`DisableSafeMode`](#disablesafemode)** | Disable safe mode within the browser.
 | **[`DisableSecurityBypass`](#disablesecuritybypass)** | Prevent the user from bypassing security in certain cases.
 | **[`DisableSystemAddonUpdate`](#disablesystemaddonupdate)** | Prevent system add-ons from being installed or update.
 | **[`DisableTelemetry`](#disabletelemetry)** | DisableTelemetry
 | **[`DisplayBookmarksToolbar`](#displaybookmarkstoolbar)** | Set the initial state of the bookmarks toolbar.
-| **[`DisplayMenuBar`](#displaymenubar)** | Set the initial state of the menubar
+| **[`DisplayMenuBar`](#displaymenubar)** | Set the initial state of the menubar.
 | **[`DNSOverHTTPS`](#dnsoverhttps)** | Configure DNS over HTTPS.
 | **[`DontCheckDefaultBrowser`](#dontcheckdefaultbrowser)** | Don't check if Firefox is the default browser at startup.
+| **[`DefaultDownloadDirectory`](#defaultdownloaddirectory)** | Set the default download directory.
+| **[`DownloadDirectory`](#downloaddirectory)** | Set and lock the download directory.
 | **[`EnableTrackingProtection`](#enabletrackingprotection)** | Configure tracking protection.
 | **[`Extensions`](#extensions)** | Control the installation, uninstallation and locking of extensions.
 | **[`ExtensionUpdate`](#extensionupdate)** | Control extension updates.
@@ -46,16 +50,21 @@ Policies can be specified using the Group Policy templates on Windows (https://g
 | **[`HardwareAcceleration`](#hardwareacceleration)** | Control hardware acceleration.
 | **[`Homepage`](#homepage)** | Configure the default homepage and how Firefox starts.
 | **[`InstallAddonsPermission`](#installaddonspermission)** | Configure the default extension install policy as well as origins for extension installs are allowed.
+| **[`LocalFileLinks`](#localfilelinks)** | Enable linking to local files by origin.
 | **[`NetworkPrediction`](#networkprediction)** | Enable or disable network prediction (DNS prefetching).
+| **[`NewTabPage`](#newtabpage)** | Enable or disable the New Tab page.
 | **[`NoDefaultBookmarks`](#nodefaultbookmarks)** | Disable the creation of default bookmarks.
 | **[`OfferToSaveLogins`](#offertosavelogins)** | Control whether or not Firefox offers to save passwords.
 | **[`OverrideFirstRunPage`](#overridefirstrunpage)** | Override the first run page.
 | **[`OverridePostUpdatePage`](#overridepostupdatepage)** | Override the upgrade page.
-| **[`PopupBlocking`](#popupblocking)** | Configure the default pop-up window policy as well as origins for which pop-up windows are allowed.
 | **[`Permissions`](#permissions)** | Set permissions associated with camera, microphone, location, and notifications.
+| **[`PopupBlocking`](#popupblocking)** | Configure the default pop-up window policy as well as origins for which pop-up windows are allowed.
+| **[`Preferences`](#preferences)** | Set and lock some preferences.
+| **[`PromptForDownloadLocation`](#promptfordownloadlocation)** | Ask where to save each file before downloading.
 | **[`Proxy`](#proxy)** | Configure proxy settings.
 | **[`RequestedLocales`](#requestedlocales)** | Set the the list of requested locales for the application in order of preference.
-| **[`SanitizeOnShutdown`](#sanitizeonshutdown)** | Clear all data on shutdown.
+| **[`SanitizeOnShutdown` (All)](#sanitizeonshutdown-all)** | Clear all data on shutdown.
+| **[`SanitizeOnShutdown` (Selective)](#sanitizeonshutdown-selective)** | Clear data on shutdown.
 | **[`SearchBar`](#searchbar)** | Set whether or not search bar is displayed.
 | **[`SearchEngines`](#searchengines-this-policy-is-only-available-on-the-esr)** |
 | **[`SearchEngines -> Default`](#searchengines--default)** | Set the default search engine.
@@ -63,6 +72,7 @@ Policies can be specified using the Group Policy templates on Windows (https://g
 | **[`SearchEngines -> Remove`](#searchengines--remove)** | Hide built-in search engines.
 | **[`SearchEngines -> Add`](#searchengines--add)** | Add new search engines.
 | **[`SecurityDevices`](#securitydevices)** | Install PKCS #11 modules.
+| **[`SearchSuggestEnabled`](#searchsuggestenabled)** | Enable search suggestions.
 | **[`SSLVersionMax`](#sslversionmax)** | Set and lock the maximum version of TLS.
 | **[`SSLVersionMin`](#sslversionmin)** | Set and lock the minimum version of TLS.
 | **[`WebsiteFilter`](#websitefilter)** | Block websites from being visited.
@@ -907,7 +917,9 @@ Software\Policies\Mozilla\Firefox\DisableProfileRefresh = 0x1 | 0x0
 }
 ```
 ### DisableSafeMode
-Disable safe mode.
+Disable safe mode within the browser.
+
+On Windows, this disables safe mode via the command line as well.
 
 **Compatibility:** Firefox 60, Firefox ESR 60 (Windows, macOS)\
 **CCK2 Equivalent:** `disableSafeMode`\
@@ -1147,6 +1159,60 @@ Software\Policies\Mozilla\Firefox\DontCheckDefaultBrowser = 0x1 | 0x0
   }
 }
 ```
+### DefaultDownloadDirectory
+Set the default download directory.
+
+You can use ${home} for the native home directory.
+
+**Compatibility:** Firefox 68, Firefox ESR 68\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `browser.download.dir`,`browser.download.folderList`
+
+#### Windows
+```
+Software\Policies\Mozilla\Firefox\DefaultDownloadDirectory = "${home}\Downloads"
+```
+#### macOS
+```
+<dict>
+  <key>DefaultDownloadDirectory</key>
+  <string>${home}/Downloads</string>
+</dict>
+```
+#### JSON
+```
+{
+  "policies": {
+    "DefaultDownloadDirectory": "${home}/Downloads"
+}
+```
+### DownloadDirectory
+Set and lock the download directory.
+
+You can use ${home} for the native home directory.
+
+**Compatibility:** Firefox 68, Firefox ESR 68\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `browser.download.dir`,`browser.download.folderList`,`browser.download.useDownloadDir`
+
+#### Windows
+```
+Software\Policies\Mozilla\Firefox\DownloadDirectory = "${home}\Downloads"
+```
+#### macOS
+```
+<dict>
+  <key>DownloadDirectory</key>
+  <string>${home}/Downloads</string>
+</dict>
+```
+#### JSON
+```
+{
+  "policies": {
+    "DownloadDirectory": "${home}/Downloads"
+}
+```
 ### EnableTrackingProtection
 Configure tracking protection.
 
@@ -1450,6 +1516,37 @@ Software\Policies\Mozilla\Firefox\InstallAddonsPermission\Default = 0x1 | 0x0
   }
 }
 ```
+### LocalFileLinks
+Enable linking to local files by origin.
+
+**Compatibility:** Firefox 68, Firefox ESR 68\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `capability.policy.localfilelinks.*`
+
+#### Windows
+```
+Software\Policies\Mozilla\Firefox\LocalFileLinks\1 = "https://example.org"
+Software\Policies\Mozilla\Firefox\LocalFileLinks\2 = "https://example.edu"
+```
+#### macOS
+```
+<dict>
+  <key>LocalFileLinks</key>
+  <array>
+    <string>http://example.org</string>
+    <string>http://example.edu</string>
+  </array>
+</dict>
+```
+#### JSON
+```
+{
+  "policies": {
+    "LocalFileLinks": ["http://example.org/",
+                       "http://example.edu/"]
+  }
+}
+```
 ### NoDefaultBookmarks
 Disable the creation of default bookmarks.
 
@@ -1479,7 +1576,7 @@ Software\Policies\Mozilla\Firefox\NoDefaultBookmarks = 0x1 | 0x0
 }
 ```
 ### NetworkPrediction
-Enable or disable  network prediction (DNS prefetching).
+Enable or disable network prediction (DNS prefetching).
 
 **Compatibility:** Firefox 67, Firefox ESR 60.7\
 **CCK2 Equivalent:** N/A\
@@ -1503,6 +1600,31 @@ Software\Policies\Mozilla\Firefox\NetworkPrediction = 0x1 | 0x0
     "NetworkPrediction": true | false
 }
 ```
+### NewTabPage
+Enable or disable the New Tab page.
+
+**Compatibility:** Firefox 68, Firefox ESR 68\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `browser.newtabpage.enabled`
+
+#### Windows
+```
+Software\Policies\Mozilla\Firefox\NewTabPage = 0x1 | 0x0
+```
+#### macOS
+```
+<dict>
+  <key>NewTabPage</key>
+  <true/> | <false/>
+</dict>
+```
+#### JSON
+```
+{
+  "policies": {
+    "NewTabPage": true | false
+}
+```
 ### OfferToSaveLogins
 Control whether or not Firefox offers to save passwords.
 
@@ -1551,7 +1673,7 @@ Software\Policies\Mozilla\Firefox\OverrideFirstRunPage = "http://example.org"
 ```
 {
   "policies": {
-    "OverrideFirstRunPage": ""http://example.org""
+    "OverrideFirstRunPage": "http://example.org"
 }
 ```
 ### OverridePostUpdatePage
@@ -1576,7 +1698,7 @@ Software\Policies\Mozilla\Firefox\OverridePostUpdatePage = "http://example.org"
 ```
 {
   "policies": {
-    "OverridePostUpdatePage": ""http://example.org""
+    "OverridePostUpdatePage": "http://example.org"
 }
 ```
 ### Permissions
@@ -1764,8 +1886,95 @@ Software\Policies\Mozilla\Firefox\PopupBlocking\Locked = 0x1 | 0x0
   }
 }
 ```
+### Preferences
+Set and lock certain preferences.
+
+**Compatibility:** See below\
+**CCK2 Equivalent:** `preferences`\
+**Preferences Affected:** See below
+
+| Preference | Type | Compatibility
+| --- | --- | ---
+| app.update.auto | boolean | Firefox 68, Firefox 68 ESR
+| browser.cache.disk.enable | boolean | Firefox 68, Firefox 68 ESR
+| browser.cache.disk.parent_directory | string | Firefox 68, Firefox 68 ESR
+| browser.fixup.dns_first_for_single_words | boolean | Firefox 68, Firefox 68 ESR
+| browser.search.update | boolean | Firefox 68, Firefox 68 ESR
+| browser.tabs.warnOnClose | boolean | Firefox 68, Firefox 68 ESR
+| browser.urlbar.suggest.bookmark | boolean | Firefox 68, Firefox 68 ESR
+| browser.urlbar.suggest.history | boolean | Firefox 68, Firefox 68 ESR
+| browser.urlbar.suggest.openpage | boolean | Firefox 68, Firefox 68 ESR
+| datareporting.policy.dataSubmissionPolicyBypassNotification | boolean | Firefox 68, Firefox 68 ESR
+| dom.disable_window_flip | boolean | Firefox 68, Firefox 68 ESR
+| dom.disable_window_move_resize | boolean | Firefox 68, Firefox 68 ESR
+| dom.event.contextmenu.enabled | boolean | Firefox 68, Firefox 68 ESR
+| dom.keyboardevent.keypress.hack.dispatch_non_printable_keys.addl | string | Firefox 68, Firefox 68 ESR
+| dom.keyboardevent.keypress.hack.use_legacy_keycode_and_charcode.addl | string | Firefox 68, Firefox 68 ESR
+| extensions.getAddons.showPane | boolean | Firefox 68, Firefox 68 ESR
+| media.gmp-gmpopenh264.enabled | boolean | Firefox 68, Firefox 68 ESR
+| media.gmp-widevinecdm.enabled | boolean | Firefox 68, Firefox 68 ESR
+| network.dns.disableIPv6 | boolean | Firefox 68, Firefox 68 ESR
+| network.IDN_show_punycode | boolean | Firefox 68, Firefox 68 ESR
+| places.history.enabled | boolean | Firefox 68, Firefox 68 ESR
+| security.default_personal_cert | string | Firefox 68, Firefox 68 ESR
+| security.ssl.errorReporting.enabled | boolean | Firefox 68, Firefox 68 ESR
+| ui.key.menuAccessKeyFocuses | boolean | Firefox 68, Firefox 68 ESR
+#### Windows
+```
+Software\Policies\Mozilla\Firefox\Preferences\boolean_preference_name = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\Preferences\string_preference_name = "string_value"
+```
+#### macOS
+```
+<dict>
+  <key>Preference</key>
+  <dict>
+    <key>boolean_preference_name</key>
+    <true/> | <false/>
+    <key>string_preference_name</key>
+    <string>string_value</string>
+  </dict>
+</dict>
+```
+#### JSON
+```
+{
+  "policies": {
+    "Preference": {
+      "boolean_preference_name": true | false,
+      "string_preference_name": "string_value"
+    }
+  }
+}
+```
+### PromptForDownloadLocation
+Ask where to save each file before downloading.
+
+**Compatibility:** Firefox 68, Firefox ESR 68\
+**CCK2 Equivalent:** N/A
+**Preferences Affected:** `browser.download.useDownloadDir`
+
+#### Windows
+```
+Software\Policies\Mozilla\Firefox\PromptForDownloadLocation = 0x1 | 0x0
+```
+#### macOS
+```
+<dict>
+  <key>PromptForDownloadLocation</key>
+  <true/> | <false/>
+</dict>
+```
+#### JSON
+```
+{
+  "policies": {
+    "PromptForDownloadLocation": true | false
+  }
+}
+```
 ### Proxy
-Configugre proxy settings. These settings correspond to the connection settings in Firefox preferences.
+Configure proxy settings. These settings correspond to the connection settings in Firefox preferences.
 To specify ports, append them to the hostnames with a colon (:).
 
 `Mode` is the proxy method being used.
@@ -1893,12 +2102,70 @@ Software\Policies\Mozilla\Firefox\RequestedLocales\2 = "en-US"
   }
 }
 ```
-### SanitizeOnShutdown
+### SanitizeOnShutdown (Selective)
+Clear data on shutdown. Choose from Cache, Cookies, Download History, Form & Search History, Browsing History, Active Logins, Site Preferences and Offline Website Data.
+
+**Compatibility:** Firefox 68, Firefox ESR 68\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `privacy.sanitize.sanitizeOnShutdown`,`privacy.clearOnShutdown.cache`,`privacy.clearOnShutdown.cookies`,`privacy.clearOnShutdown.downloads`,`privacy.clearOnShutdown.formdata`,`privacy.clearOnShutdown.history`,`privacy.clearOnShutdown.sessions`,`privacy.clearOnShutdown.siteSettings`,`privacy.clearOnShutdown.offlineApps`
+#### Windows
+```
+Software\Policies\Mozilla\Firefox\SanitizeOnShutdown\Cache = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\SanitizeOnShutdown\Cookies = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\SanitizeOnShutdown\Downloads = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\SanitizeOnShutdown\FormData = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\SanitizeOnShutdown\History = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\SanitizeOnShutdown\Sessions = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\SanitizeOnShutdown\SiteSettings = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\SanitizeOnShutdown\OfflineApps = 0x1 | 0x0
+```
+#### macOS
+```
+<dict>
+  <key>SanitizeOnShutdown</key>
+  <dict>
+    <key>Cache</key>
+    <true/> | <false/>
+    <key>Cookies</key>
+    <true/> | <false/>
+    <key>Downloads</key>
+    <true/> | <false/>
+    <key>FormData</key>
+    <true/> | <false/>
+    <key>History</key>
+    <true/> | <false/>
+    <key>Sessions</key>
+    <true/> | <false/>
+    <key>SiteSettings</key>
+    <true/> | <false/>
+    <key>OfflineApps</key>
+    <true/> | <false/>
+  </dict>
+</dict>
+```
+#### JSON
+```
+{
+  "policies": {
+    "SanitizeOnShutdown": {
+      "Cache": true | false,
+      "Cookies": true | false,
+      "Downloads": true | false,
+      "FormData": true | false,
+      "History": true | false,
+      "Sessions": true | false,
+      "SiteSettings": true | false,
+      "OfflineApps": true | false
+    }
+  }
+}
+```
+### SanitizeOnShutdown (All)
 Clear all data on shutdown, including Browsing & Download History, Cookies, Active Logins, Cache, Form & Search History, Site Preferences and Offline Website Data.
 
 **Compatibility:** Firefox 60, Firefox ESR 60\
 **CCK2 Equivalent:** N/A\
-**Preferences Affected:** `privacy.sanitize.sanitizeOnShutdown,privacy.clearOnShutdown.cache,privacy.clearOnShutdown.cookies,privacy.clearOnShutdown.downloads,privacy.clearOnShutdown.formdata,privacy.clearOnShutdown.history,privacy.clearOnShutdown.sessions,privacy.clearOnShutdown.siteSettings,privacy.clearOnShutdown.offlineApps`
+**Preferences Affected:** `privacy.sanitize.sanitizeOnShutdown`,`privacy.clearOnShutdown.cache`,`privacy.clearOnShutdown.cookies`,`privacy.clearOnShutdown.downloads`,`privacy.clearOnShutdown.formdata`,`privacy.clearOnShutdown.history`,`privacy.clearOnShutdown.sessions`,`privacy.clearOnShutdown.siteSettings`,`privacy.clearOnShutdown.offlineApps`
 #### Windows
 ```
 Software\Policies\Mozilla\Firefox\SanitizeOnShutdown = 0x1 | 0x0
@@ -2128,6 +2395,33 @@ Software\Policies\Mozilla\Firefox\SearchEngines\Add\1\SuggestURLTemplate = "http
   }
 }
 ```
+### SearchSuggestEnabled
+
+Enable search suggestions.
+
+**Compatibility:** Firefox 68, Firefox ESR 68\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `browser.urlbar.suggest.searches`,`browser.search.suggest.enabled`
+
+### Windows
+```
+Software\Policies\Mozilla\Firefox\SearchSuggestEnabled = 0x1 | 0x0
+```
+#### macOS
+```
+<dict>
+  <key>SearchSuggestEnabled</key>
+  <true/> | <false/>
+</dict>
+```
+### JSON
+```
+{
+  "policies": {
+    "SearchSuggestEnabled": true | false
+  }
+}
+```
 ### SecurityDevices
 
 Install PKCS #11 modules.