X-Git-Url: https://git.p6c8.net/policy-templates.git/blobdiff_plain/dbfd325f63ac586ff676212c4d0d3897fabc71c7..e9ac7b1223d2cb961c5c7ef04fafb1405afbab42:/docs/index.md
diff --git a/docs/index.md b/docs/index.md
index 96b341a..b524d19 100644
--- a/docs/index.md
+++ b/docs/index.md
@@ -30,6 +30,7 @@ Note: The `policies.json` must use the UTF-8 encoding.
| **[`BlockAboutConfig`](#blockaboutconfig)** | Block access to about:config.
| **[`BlockAboutProfiles`](#blockaboutprofiles)** | Block access to About Profiles (about:profiles).
| **[`BlockAboutSupport`](#blockaboutsupport)** | Block access to Troubleshooting Information (about:support).
+| **[`BrowserDataBackup`](#browserdatabackup)** | Disable backup or restore of profile data.
| **[`Bookmarks`](#bookmarks)** | Add bookmarks in either the bookmarks toolbar or menu.
| **[`CaptivePortal`](#captiveportal)** | Enable or disable the detection of captive portals.
| **[`Certificates`](#certificates)** |
@@ -132,6 +133,7 @@ Note: The `policies.json` must use the UTF-8 encoding.
| **[`TranslateEnabled`](#translateenabled)** | Enable or disable webpage translation.
| **[`UserMessaging`](#usermessaging)** | Don't show certain messages to the user.
| **[`UseSystemPrintDialog`](#usesystemprintdialog)** | Print using the system print dialog instead of print preview.
+| **[`VisualSearchEnabled`](#visualsearchenabled)** | Enable or disable visual search.
| **[`WebsiteFilter`](#websitefilter)** | Block websites from being visited.
| **[`WindowsSSO`](#windowssso)** | Allow Windows single sign-on for Microsoft, work, and school accounts.
@@ -613,7 +615,7 @@ Value (string):
### AutoLaunchProtocolsFromOrigins
Define a list of external protocols that can be used from listed origins without prompting the user. The origin is the scheme plus the hostname.
-The syntax of this policy is exactly the same as the [Chrome AutoLaunchProtocolsFromOrigins policy](https://cloud.google.com/docs/chrome-enterprise/policies/?policy=AutoLaunchProtocolsFromOrigins) except that you can only use valid origins (not just hostnames). This also means that you cannot specify an asterisk for all origins.
+The syntax of this policy is exactly the same as the [Chrome AutoLaunchProtocolsFromOrigins policy](https://chromeenterprise.google/policies/#AutoLaunchProtocolsFromOrigins) except that you can only use valid origins (not just hostnames). This also means that you cannot specify an asterisk for all origins.
The schema is:
```
@@ -902,6 +904,72 @@ Value (string):
}
}
```
+
+
+
+
+
+### BrowserDataBackup
+Clear data on shutdown.
+
+`AllowBackup`
+
+`AllowRestore`
+
+**Compatibility:** Firefox 146
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `browser.backup.enabled`, `browser.backup.archive.enabled`, `browser.backup.restore.enabled`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\BrowserDataBackup\AllowBackup = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\BrowserDataBackup\AllowRestore = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~BrowserDataBackup/BrowserDataBackup_AllowBackup
+```
+Value (string):
+```
+ or
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~BrowserDataBackup/BrowserDataBackup_AllowRestore
+```
+Value (string):
+```
+ or
+```
+#### macOS
+```
+
+ BrowserDataBackup
+
+ AllowBackup
+ |
+ AllowRestore
+ |
+
+
+```
+#### policies.json
+```
+{
+ "policies": {
+ "BrowserDataBackup": {
+ "AllowBackup": true | false,
+ "AllowRestore": true | false
+ }
+ }
+}
+```
+
+
+
+
+
### Bookmarks
Note: [`ManagedBookmarks`](#managedbookmarks) is the new recommended way to add bookmarks. This policy will continue to be supported.
@@ -2891,7 +2959,9 @@ If this policy is not configured, tracking protection is not enabled by default
If `Value` is set to false, tracking protection is disabled and locked in both the regular browser and private browsing.
-If `Value` is set to true, tracking protection is enabled by default in both the regular browser and private browsing and the `Locked` value determines whether or not a user can change it.
+If `Value` is set to true, tracking protection is enabled by default in both the regular browser and private browsing.
+
+If `Locked` is set to true, users cannot change tracking protection values.
If `Cryptomining` is set to true, cryptomining scripts on websites are blocked.
@@ -2905,9 +2975,15 @@ If `SuspectedFingerprinting` is set to true, Firefox reduces the amount of infor
`Category` can be either ```strict``` or ```standard```. If category is set, it overrides all other settings except `Exceptions` and the user cannot change the category. (Firefox 142, Firefox ESR 140.2)
-**Compatibility:** Firefox 60, Firefox ESR 60 (Cryptomining and Fingerprinting added in 70/68.2, Exceptions added in 73/68.5. Category added in Firefox 142/140.2.)\
+IF `BaselineExceptions` is true, Firefox will automatically apply exceptions required to avoid major website breakage. (Firefox 145)
+
+If `ConvenienceExceptions`is true, Firefox will apply exceptions automatically that are only required to fix minor issues and make convenience features available. (Firefox 145)
+
+Note: Users can change `BaselineExceptions` and `ConvenienceExceptions` even when `Category` is set to ```strict``` unless `Locked` is set to true.
+
+**Compatibility:** Firefox 60, Firefox ESR 60 (Cryptomining and Fingerprinting added in 70/68.2, Exceptions added in 73/68.5. Category added in Firefox 142/140.2. BaselineExceptions and ConvenienceExceptions added in Firefox 145)\
**CCK2 Equivalent:** N/A\
-**Preferences Affected:** `privacy.trackingprotection.enabled`, `privacy.trackingprotection.pbmode.enabled`, `privacy.trackingprotection.cryptomining.enabled`, `privacy.trackingprotection.fingerprinting.enabled`
+**Preferences Affected:** `privacy.trackingprotection.enabled`, `privacy.trackingprotection.pbmode.enabled`, `privacy.trackingprotection.cryptomining.enabled`, `privacy.trackingprotection.fingerprinting.enabled`, `privacy.fingerprintingProtection`, `privacy.trackingprotection.emailtracking.enabled`, `privacy.trackingprotection.emailtracking.pbmode.enabled`, `privacy.trackingprotection.allow_list.baseline.enabled`, `privacy.trackingprotection.allow_list.convenience.enabled`
#### Windows (GPO)
```
@@ -2919,6 +2995,8 @@ Software\Policies\Mozilla\Firefox\EnableTrackingProtection\EmailTracking = 0x1 |
Software\Policies\Mozilla\Firefox\EnableTrackingProtection\SuspectedFingerprinting = 0x1 | 0x0
Software\Policies\Mozilla\Firefox\EnableTrackingProtection\Exceptions\1 = "https://example.com"
Software\Policies\Mozilla\Firefox\EnableTrackingProtection\Category = "strict" | "standard"
+Software\Policies\Mozilla\Firefox\EnableTrackingProtection\BaselineExceptions = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\EnableTrackingProtection\ConvenienceExceptions = 0x1 | 0x0
```
#### Windows (Intune)
OMA-URI:
@@ -2986,6 +3064,22 @@ Value (string):
```
or
```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~TrackingProtection/H_TrackingProtection_BaselineExceptions
+```
+Value (string):
+```
+ or
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~TrackingProtection/H_TrackingProtection_ConvenienceExceptions
+```
+Value (string):
+```
+ or
+```
#### macOS
```
@@ -3009,6 +3103,10 @@ Value (string):
https://example.com
+ BaselineExceptions
+ |
+ ConvenienceExceptions
+ |
```
@@ -3024,7 +3122,9 @@ Value (string):
"EmailTracking": true | false,
"SuspectedFingerprinting": true | false,
"Category": "strict" | "standard",
- "Exceptions": ["https://example.com"]
+ "Exceptions": ["https://example.com"],
+ "BaselineExceptions": true | false,
+ "ConvenienceExceptions": true | false
}
}
}
@@ -3464,7 +3564,7 @@ Value (string):
### FirefoxHome
Customize the Firefox Home page.
-**Compatibility:** Firefox 68, Firefox ESR 68 (SponsoredTopSites and SponsoredPocket were added in Firefox 95, Firefox ESR 91.4, Snippets was deprecated in Firefox 122, Stories and SponsoredStories were added in Firefox 141 to replace Pocket and SponsoredPocket.)
+**Compatibility:** Firefox 68, Firefox ESR 68 (SponsoredTopSites and SponsoredPocket were added in Firefox 95, Firefox ESR 91.4, Snippets was deprecated in Firefox 122, Stories and SponsoredStories were added in Firefox 141 to replace Pocket and SponsoredPocket.)\
**CCK2 Equivalent:** N/A\
**Preferences Affected:** `browser.newtabpage.activity-stream.showSearch`, `browser.newtabpage.activity-stream.feeds.topsites`, `browser.newtabpage.activity-stream.feeds.section.highlights`, `browser.newtabpage.activity-stream.feeds.section.topstories`, `browser.newtabpage.activity-stream.feeds.snippets`, `browser.newtabpage.activity-stream.showSponsoredTopSites`, `browser.newtabpage.activity-stream.showSponsored`
@@ -3623,20 +3723,23 @@ Value (string):
Configure generative AI features.
-`Chatbot` If false, AI chatbots are not available in the sidebar.
+`Enabled` Controls whether generative AI features are enabled by default. If false, all generative AI features are disabled by default. Individual generative AI policies can override this setting.
+
+`Chatbot` Controls access to AI chatbots in the sidebar. If false, AI chatbots are not available in the sidebar.
-`LinkPreviews` If false, AI is not used to generate link previews (Firefox 144).
+`LinkPreviews` (Firefox 144+) Controls whether AI is used to generate link previews. If false, AI is not used to generate link previews.
-`TabGroups` If false, AI is not used to suggest names and tabs for tab groups (Firefox 144).
+`TabGroups` (Firefox 144+) Controls whether AI is used to suggest names and tabs for tab groups. If false, AI is not used to suggest names or tabs for tab groups.
-`Locked` prevents the user from changing generative AI preferences.
+`Locked` Prevents the user from changing generative AI preferences.
**Compatibility:** Firefox 144, Firefox ESR 140.4\
**CCK2 Equivalent:** N/A\
-**Preferences Affected:** `browser.ml.chat.enabled`, `browser.ml.linkPreview.optin`, `browser.tabs.groups.smart.userEnabled`
+**Preferences Affected:** `browser.ml.chat.enabled`, `browser.ml.chat.page`, `browser.ml.linkPreview.optin`, `browser.tabs.groups.smart.userEnabled`
#### Windows (GPO)
```
+Software\Policies\Mozilla\Firefox\GenerativeAI\Enabled = 0x1 | 0x0
Software\Policies\Mozilla\Firefox\GenerativeAI\Chatbot = 0x1 | 0x0
Software\Policies\Mozilla\Firefox\GenerativeAI\LinkPreviews = 0x1 | 0x0
Software\Policies\Mozilla\Firefox\GenerativeAI\TabGroups = 0x1 | 0x0
@@ -3645,6 +3748,7 @@ Software\Policies\Mozilla\Firefox\GenerativeAI\Locked = 0x1 | 0x0
#### Windows (Intune)
OMA-URI:
```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~GenerativeAI/GenerativeAI_Enabled
./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~GenerativeAI/GenerativeAI_Chatbot
./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~GenerativeAI/GenerativeAI_LinkPreviews
./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~GenerativeAI/GenerativeAI_TabGroups
@@ -3659,6 +3763,8 @@ Value (string):
GenerativeAI
+ Enabled
+ |
Chatbot
|
LinkPreviews
@@ -3675,6 +3781,7 @@ Value (string):
{
"policies": {
"GenerativeAI": {
+ "Enabled": true | false,
"Chatbot": true | false,
"LinkPreviews": true | false,
"TabGroups": true | false,
@@ -6235,8 +6342,6 @@ or
}
}
```
-
-
### SanitizeOnShutdown (Selective)
Clear data on shutdown.
@@ -7213,6 +7318,41 @@ Value (string):
}
}
```
+### VisualSearchEnabled
+Enable or disable visual search.
+
+**Compatibility:** Firefox 144\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** `browser.search.visualSearch.featureGate`
+
+#### Windows (GPO)
+```
+Software\Policies\Mozilla\Firefox\VisualSearchEnabled = 0x1 | 0x0
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/VisualSearchEnabled
+```
+Value (string):
+```
+ or
+```
+#### macOS
+```
+
+ VisualSearchEnabled
+ |
+
+```
+#### policies.json
+```
+{
+ "policies": {
+ "VisualSearchEnabled": true | false
+ }
+}
+```
### WebsiteFilter
Block websites from being visited. The parameters take an array of Match Patterns, as documented in https://developer.mozilla.org/en-US/Add-ons/WebExtensions/Match_patterns.
The arrays are limited to 1000 entries each.