X-Git-Url: https://git.p6c8.net/policy-templates.git/blobdiff_plain/f89cfebfb4c0e540b122d1b14be5ec968988a1c9..e6004dfe64fc363423d3960d73c7bb82e3e4d5bc:/docs/index.md diff --git a/docs/index.md b/docs/index.md index 8cda2fd..b3af8a1 100644 --- a/docs/index.md +++ b/docs/index.md @@ -587,6 +587,8 @@ If set to false, the application will not try to install updates when the applic If you have disabled updates via `DisableAppUpdate` or disabled automatic updates via `AppAutoUpdate`, this policy has no effect. +If you are having trouble getting the background task to run, verify your configuration with the ["Requirements to run" section in this support document](https://support.mozilla.org/en-US/kb/enable-background-updates-firefox-windows). + **Compatibility:** Firefox 90 (Windows only)\ **CCK2 Equivalent:** N/A\ **Preferences Affected:** `app.update.background.enabled` @@ -1979,6 +1981,8 @@ Prevent the user from bypassing security in certain cases. `SafeBrowsing` prevents selecting "ignore the risk" and visiting a harmful site anyway. +These policies only affect what happens when an error is shown, they do not affect any settings in preferences. + **Compatibility:** Firefox 60, Firefox ESR 60\ **CCK2 Equivalent:** N/A\ **Preferences Affected:** `security.certerror.hideAddException`, `browser.safebrowsing.allowOverride` @@ -2257,7 +2261,9 @@ Configure DNS over HTTPS. `ExcludedDomains` excludes domains from DNS over HTTPS. -**Compatibility:** Firefox 63, Firefox ESR 68 (ExcludedDomains added in 75/68.7)\ +`Fallback` determines whether or not Firefox will use your default DNS resolver if there is a problem with the secure DNS provider. + +**Compatibility:** Firefox 63, Firefox ESR 68 (ExcludedDomains added in 75/68.7) (Fallback added in 124)\ **CCK2 Equivalent:** N/A\ **Preferences Affected:** `network.trr.mode`, `network.trr.uri` @@ -2267,6 +2273,7 @@ Software\Policies\Mozilla\Firefox\DNSOverHTTPS\Enabled = 0x1 | 0x0 Software\Policies\Mozilla\Firefox\DNSOverHTTPS\ProviderURL = "URL_TO_ALTERNATE_PROVIDER" Software\Policies\Mozilla\Firefox\DNSOverHTTPS\Locked = 0x1 | 0x0 Software\Policies\Mozilla\Firefox\DNSOverHTTPS\ExcludedDomains\1 = "example.com" +Software\Policies\Mozilla\Firefox\DNSOverHTTPS\Fallback = 0x1 | 0x0 ``` #### Windows (Intune) OMA-URI: @@ -2303,6 +2310,14 @@ Value (string): ``` +OMA-URI: +``` +./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~DNSOverHTTPS/DNSOverHTTPS_Fallback +``` +Value (string): +``` + or +``` #### macOS ``` @@ -2318,6 +2333,8 @@ Value (string): example.com + Fallback + | ``` @@ -2329,7 +2346,8 @@ Value (string): "Enabled": true | false, "ProviderURL": "URL_TO_ALTERNATE_PROVIDER", "Locked": true | false, - "ExcludedDomains": ["example.com"] + "ExcludedDomains": ["example.com"], + "Fallback": true | false, } } } @@ -2650,7 +2668,9 @@ Value (string): ### Extensions Control the installation, uninstallation and locking of extensions. -While this policy is not technically deprecated, it is recommended that you use the **[`ExtensionSettings`](#extensionsettings)** policy. It has the same functionality and adds more. It does not support native paths, though, so you'll have to use file:/// URLs. +We strongly recommend that you use the **[`ExtensionSettings`](#extensionsettings)** policy. It has the same functionality and adds more. It does not support native paths, though, so you'll have to use file:/// URLs. + +This method will be deprecated in the near future. `Install` is a list of URLs or native paths for extensions to be installed. @@ -2897,7 +2917,7 @@ Value (string): ### FirefoxHome Customize the Firefox Home page. -**Compatibility:** Firefox 68, Firefox ESR 68 (SponsoredTopSites and SponsoredPocket were added in Firefox 95, Firefox ESR 91.4) +**Compatibility:** Firefox 68, Firefox ESR 68 (SponsoredTopSites and SponsoredPocket were added in Firefox 95, Firefox ESR 91.4, Snippets was deprecated in Firefox 122) **CCK2 Equivalent:** N/A\ **Preferences Affected:** `browser.newtabpage.activity-stream.showSearch`, `browser.newtabpage.activity-stream.feeds.topsites`, `browser.newtabpage.activity-stream.feeds.section.highlights`, `browser.newtabpage.activity-stream.feeds.section.topstories`, `browser.newtabpage.activity-stream.feeds.snippets`, `browser.newtabpage.activity-stream.showSponsoredTopSites`, `browser.newtabpage.activity-stream.showSponsored` @@ -4127,7 +4147,7 @@ Note: DisableBuiltinPDFViewer has not been deprecated. You can either continue t **Compatibility:** Firefox 77, Firefox ESR 68.9\ **CCK2 Equivalent:** N/A\ -**Preferences Affected:** `pdfjs.diabled`, `pdfjs.enablePermissions` +**Preferences Affected:** `pdfjs.disabled`, `pdfjs.enablePermissions` #### Windows (GPO) ``` @@ -4579,7 +4599,8 @@ Previously you could only set and lock a subset of preferences. Starting with Fi Preferences that start with the following prefixes are supported: ``` accessibility. -app.update.* (Firefox 86, Firefox 78.8) +alerts.* (Firefox 122, Firefox ESR 115.7) +app.update.* (Firefox 86, Firefox ESR 78.8) browser. datareporting.policy. dom. @@ -4612,6 +4633,10 @@ as well as the following security preferences: | --- | --- | --- | | security.default_personal_cert | string | Ask Every Time |     If set to Select Automatically, Firefox automatically chooses the default personal certificate. +| security.disable_button.openCertManager | string | N/A +|     If set to true and locked, the View Certificates button in preferences is disabled (Firefox 121, Firefox ESR 115.6) +| security.disable_button.openDeviceManager | string | N/A +|     If set to true and locked, the Security Devices button in preferences is disabled (Firefox 121, Firefox ESR 115.6) | security.insecure_connection_text.enabled | bool | false |     If set to true, adds the words "Not Secure" for insecure sites. | security.insecure_connection_text.pbmode.enabled | bool | false @@ -4654,6 +4679,8 @@ Using the preference as the key, set the `Value` to the corresponding preference `"user"` preferences persist even if the policy is removed, so if you need to remove them, you should use the clear policy. +You can also set the `Type` starting in Firefox 123 and Firefox ESR 115.8. It can be `number`, `boolean` or `string`. This is especially useful if you are seeing 0 or 1 values being converted to booleans when set as user preferences. + See the examples below for more detail. IMPORTANT: Make sure you're only setting a particular preference using this mechanism and not some other way. @@ -4669,7 +4696,9 @@ Software\Policies\Mozilla\Firefox\Preferences (REG_MULTI_SZ) = { "accessibility.force_disabled": { "Value": 1, - "Status": "default" + "Status": "default", + "Type": "number" + }, "browser.cache.disk.parent_directory": { "Value": "SOME_NATIVE_PATH", @@ -4693,7 +4722,8 @@ Value (string): { "accessibility.force_disabled": { "Value": 1, - "Status": "default" + "Status": "default", + "Type": "number" }, "browser.cache.disk.parent_directory": { "Value": "SOME_NATIVE_PATH", @@ -4716,6 +4746,8 @@ Value (string): 1 Status default + Type + number browser.cache.disk.parent_directory @@ -4742,6 +4774,7 @@ Value (string): "accessibility.force_disabled": { "Value": 1, "Status": "default" + "Type": "number" }, "browser.cache.disk.parent_directory": { "Value": "SOME_NATIVE_PATH",