From: Michael Kaply <345868+mkaply@users.noreply.github.com>
Date: Fri, 21 Jun 2024 11:21:23 +0000 (-0400)
Subject: GPO Updates for new Https policies
X-Git-Tag: v5.12~4^2
X-Git-Url: https://git.p6c8.net/policy-templates.git/commitdiff_plain/4cf3a462afa456b2fdea39ced577fb0fadae3fa6?hp=375641a4ae6bf4e40c172a9cc18aaa16d2c2e708

GPO Updates for new Https policies
---

diff --git a/windows/de-DE/firefox.adml b/windows/de-DE/firefox.adml
index a800229..229264d 100644
--- a/windows/de-DE/firefox.adml
+++ b/windows/de-DE/firefox.adml
@@ -1111,6 +1111,18 @@ Wenn diese Richtlinie deaktiviert oder nicht konfiguriert ist, wird die TLS-Funk
       <string id="PostQuantumKeyAgreementEnabled_Explain">Wenn diese Richtlinieneinstellung aktiviert ist, wird Post-Quantum Key Agreement fÃ¼r TLS aktiviert.
 
 Wenn diese Richtlinieneinstellung deaktiviert oder nicht konfiguriert ist, wird Post-Quantum Key Agreement fÃ¼r TLS deaktiviert.</string>
+      <string id="HttpsOnlyMode">HTTPS-Only Mode</string>
+      <string id="HttpsOnlyMode_Explain">If this policy is enabled, you can set the default behavior for HTTPS-Only Mode.
+
+If this policy is disabled or not configured, HTTPS-Only Mode is not enabled.</string>
+      <string id="HttpsOnlyMode_Allowed">Off by default</string>
+      <string id="HttpsOnlyMode_Disallowed">Off and locked</string>
+      <string id="HttpsOnlyMode_Enabled">On by default</string>
+      <string id="HttpsOnlyMode_ForceEnabled">On and locked</string>
+      <string id="HttpAllowlist">HTTP Allowlist </string>
+      <string id="HttpAllowlist_Explain">If this policy is enabled, you can specify a list origins that will not be upgraded to HTTPS.
+
+If this policy is disabled or not configured, all origins are upgraded to HTTPS if HTTPS-Only Mode is enabled.</string>
       <string id="Preferences_Boolean_Explain">Wenn diese Richtlinieneinstellung aktiviert ist, ist die Einstellung auf true gesperrt. Wenn diese Richtlinieneinstellung deaktiviert ist, ist die Einstellung auf false gesperrt.
 
 FÃ¼r eine Beschreibung der Einstellung, siehe:
@@ -1474,6 +1486,9 @@ https://github.com/mozilla/policy-templates/blob/master/README.md#preferences (E
         <text>Example: .mozilla.org, .net.nz, 192.168.1.0/24</text>
         <text>Connections to localhost, 127.0.0.1/8, and ::1 are never proxied.</text>
       </presentation>
+      <presentation id="HttpsOnlyMode">
+        <dropdownList refId="HttpsOnlyMode"/>
+      </presentation>
     </presentationTable>
   </resources>
 </policyDefinitionResources>
diff --git a/windows/en-US/firefox.adml b/windows/en-US/firefox.adml
index 53edd1c..f6d6199 100644
--- a/windows/en-US/firefox.adml
+++ b/windows/en-US/firefox.adml
@@ -1106,6 +1106,18 @@ If this policy is disabled or not configured, the TLS feature Encrypted Client H
       <string id="PostQuantumKeyAgreementEnabled_Explain">If this policy is enabled, post-quantum key agreement for TLS will be enabled.
 
 If this policy is disabled or not configured, post-quantum key agreement for TLS will be disabled.</string>
+      <string id="HttpsOnlyMode">HTTPS-Only Mode</string>
+      <string id="HttpsOnlyMode_Explain">If this policy is enabled, you can set the default behavior for HTTPS-Only Mode.
+
+If this policy is disabled or not configured, HTTPS-Only Mode is not enabled.</string>
+      <string id="HttpsOnlyMode_Allowed">Off by default</string>
+      <string id="HttpsOnlyMode_Disallowed">Off and locked</string>
+      <string id="HttpsOnlyMode_Enabled">On by default</string>
+      <string id="HttpsOnlyMode_ForceEnabled">On and locked</string>
+      <string id="HttpAllowlist">HTTP Allowlist </string>
+      <string id="HttpAllowlist_Explain">If this policy is enabled, you can specify a list origins that will not be upgraded to HTTPS.
+
+If this policy is disabled or not configured, all origins are upgraded to HTTPS if HTTPS-Only Mode is enabled.</string>
       <string id="Preferences_Boolean_Explain">If this policy is enabled, the preference is locked to true. If this policy is disabled, the preference is locked to false.
 
 For a description of the preference, see:
@@ -1472,6 +1484,9 @@ https://github.com/mozilla/policy-templates/blob/master/README.md#preferences.</
         <text>Example: .mozilla.org, .net.nz, 192.168.1.0/24</text>
         <text>Connections to localhost, 127.0.0.1/8, and ::1 are never proxied.</text>
       </presentation>
+      <presentation id="HttpsOnlyMode">
+        <dropdownList refId="HttpsOnlyMode"/>
+      </presentation>
     </presentationTable>
   </resources>
 </policyDefinitionResources>
diff --git a/windows/es-ES/firefox.adml b/windows/es-ES/firefox.adml
index 986d5c6..2dd335a 100644
--- a/windows/es-ES/firefox.adml
+++ b/windows/es-ES/firefox.adml
@@ -1108,6 +1108,18 @@ If this policy is disabled or not configured, the TLS feature Encrypted Client H
       <string id="PostQuantumKeyAgreementEnabled_Explain">If this policy is enabled, post-quantum key agreement for TLS will be enabled.
 
 If this policy is disabled or not configured, post-quantum key agreement for TLS will be disabled.</string>
+      <string id="HttpsOnlyMode">HTTPS-Only Mode</string>
+      <string id="HttpsOnlyMode_Explain">If this policy is enabled, you can set the default behavior for HTTPS-Only Mode.
+
+If this policy is disabled or not configured, HTTPS-Only Mode is not enabled.</string>
+      <string id="HttpsOnlyMode_Allowed">Off by default</string>
+      <string id="HttpsOnlyMode_Disallowed">Off and locked</string>
+      <string id="HttpsOnlyMode_Enabled">On by default</string>
+      <string id="HttpsOnlyMode_ForceEnabled">On and locked</string>
+      <string id="HttpAllowlist">HTTP Allowlist </string>
+      <string id="HttpAllowlist_Explain">If this policy is enabled, you can specify a list origins that will not be upgraded to HTTPS.
+
+If this policy is disabled or not configured, all origins are upgraded to HTTPS if HTTPS-Only Mode is enabled.</string>
       <string id="Preferences_Boolean_Explain">Si esta polÃ­tica estÃ¡ habilitada, la preferencia se bloquea en true. Si esta polÃ­tica estÃ¡ deshabilitada, la preferencia estÃ¡ bloqueada en false.
 
 Para una descripciÃ³n de la preferencia, visita:
@@ -1474,6 +1486,9 @@ https://github.com/mozilla/policy-templates/blob/master/README.md#preferences</s
         <text>Example: .mozilla.org, .net.nz, 192.168.1.0/24</text>
         <text>Connections to localhost, 127.0.0.1/8, and ::1 are never proxied.</text>
       </presentation>
+      <presentation id="HttpsOnlyMode">
+        <dropdownList refId="HttpsOnlyMode"/>
+      </presentation>
     </presentationTable>
   </resources>
 </policyDefinitionResources>
diff --git a/windows/firefox.admx b/windows/firefox.admx
index 2fca204..180a4d0 100644
--- a/windows/firefox.admx
+++ b/windows/firefox.admx
@@ -4235,5 +4235,40 @@
         <decimal value="0"/>
       </disabledValue>
     </policy>
+    <policy name="HttpsOnlyMode" class="Both" displayName="$(string.HttpsOnlyMode)" explainText="$(string.HttpsOnlyMode_Explain)" key="Software\Policies\Mozilla\Firefox" presentation="$(presentation.HttpsOnlyMode)">
+      <parentCategory ref="firefox"/>
+      <supportedOn ref="SUPPORTED_FF127_ONLY"/>
+      <elements>
+        <enum id="HttpsOnlyMode" valueName="HttpsOnlyMode">
+          <item displayName="$(string.HttpsOnlyMode_Allowed)">
+            <value>
+              <string>allowed</string>
+            </value>
+          </item>
+          <item displayName="$(string.HttpsOnlyMode_Disallowed)">
+            <value>
+              <string>disallowed</string>
+            </value>
+          </item>
+          <item displayName="$(string.HttpsOnlyMode_Enabled)">
+            <value>
+              <string>enabled</string>
+            </value>
+          </item>
+          <item displayName="$(string.HttpsOnlyMode_ForceEnabled)">
+            <value>
+              <string>force_enabled</string>
+            </value>
+          </item>
+        </enum>
+      </elements>
+    </policy>
+    <policy name="HttpAllowlist" class="Both" displayName="$(string.HttpAllowlist)" explainText="$(string.HttpAllowlist_Explain)" key="Software\Policies\Mozilla\Firefox\HttpAllowlist" presentation="$(presentation.List)">
+      <parentCategory ref="firefox"/>
+      <supportedOn ref="SUPPORTED_FF127_ONLY"/>
+      <elements>
+        <list id="List" key="Software\Policies\Mozilla\Firefox\HttpAllowlist" valuePrefix=""/>
+      </elements>
+    </policy>
   </policies>
 </policyDefinitions>
diff --git a/windows/fr-FR/firefox.adml b/windows/fr-FR/firefox.adml
index 745333a..011a273 100644
--- a/windows/fr-FR/firefox.adml
+++ b/windows/fr-FR/firefox.adml
@@ -1107,6 +1107,18 @@ If this policy is disabled or not configured, the TLS feature Encrypted Client H
       <string id="PostQuantumKeyAgreementEnabled_Explain">If this policy is enabled, post-quantum key agreement for TLS will be enabled.
 
 If this policy is disabled or not configured, post-quantum key agreement for TLS will be disabled.</string>
+      <string id="HttpsOnlyMode">HTTPS-Only Mode</string>
+      <string id="HttpsOnlyMode_Explain">If this policy is enabled, you can set the default behavior for HTTPS-Only Mode.
+
+If this policy is disabled or not configured, HTTPS-Only Mode is not enabled.</string>
+      <string id="HttpsOnlyMode_Allowed">Off by default</string>
+      <string id="HttpsOnlyMode_Disallowed">Off and locked</string>
+      <string id="HttpsOnlyMode_Enabled">On by default</string>
+      <string id="HttpsOnlyMode_ForceEnabled">On and locked</string>
+      <string id="HttpAllowlist">HTTP Allowlist </string>
+      <string id="HttpAllowlist_Explain">If this policy is enabled, you can specify a list origins that will not be upgraded to HTTPS.
+
+If this policy is disabled or not configured, all origins are upgraded to HTTPS if HTTPS-Only Mode is enabled.</string>
       <string id="Preferences_Boolean_Explain">Si cette stratÃ©gie est activÃ©e, la prÃ©fÃ©rence est verrouillÃ©e sur true. Si cette stratÃ©gie est dÃ©sactivÃ©e, la prÃ©fÃ©rence est verrouillÃ©e sur false.
 
 Pour une description de la prÃ©fÃ©rence, voir:
@@ -1473,6 +1485,9 @@ https://github.com/mozilla/policy-templates/blob/master/README.md#preferences</s
         <text>Example: .mozilla.org, .net.nz, 192.168.1.0/24</text>
         <text>Connections to localhost, 127.0.0.1/8, and ::1 are never proxied.</text>
       </presentation>
+      <presentation id="HttpsOnlyMode">
+        <dropdownList refId="HttpsOnlyMode"/>
+      </presentation>
     </presentationTable>
   </resources>
 </policyDefinitionResources>
diff --git a/windows/it-IT/firefox.adml b/windows/it-IT/firefox.adml
index d63dee9..1b434ab 100644
--- a/windows/it-IT/firefox.adml
+++ b/windows/it-IT/firefox.adml
@@ -1109,6 +1109,18 @@ If this policy is disabled or not configured, the TLS feature Encrypted Client H
       <string id="PostQuantumKeyAgreementEnabled_Explain">If this policy is enabled, post-quantum key agreement for TLS will be enabled.
 
 If this policy is disabled or not configured, post-quantum key agreement for TLS will be disabled.</string>
+      <string id="HttpsOnlyMode">HTTPS-Only Mode</string>
+      <string id="HttpsOnlyMode_Explain">If this policy is enabled, you can set the default behavior for HTTPS-Only Mode.
+
+If this policy is disabled or not configured, HTTPS-Only Mode is not enabled.</string>
+      <string id="HttpsOnlyMode_Allowed">Off by default</string>
+      <string id="HttpsOnlyMode_Disallowed">Off and locked</string>
+      <string id="HttpsOnlyMode_Enabled">On by default</string>
+      <string id="HttpsOnlyMode_ForceEnabled">On and locked</string>
+      <string id="HttpAllowlist">HTTP Allowlist </string>
+      <string id="HttpAllowlist_Explain">If this policy is enabled, you can specify a list origins that will not be upgraded to HTTPS.
+
+If this policy is disabled or not configured, all origins are upgraded to HTTPS if HTTPS-Only Mode is enabled.</string>
       <string id="Preferences_Boolean_Explain">Se questo criterio Ã¨ abilitato, la preferenza Ã¨ impostata a Vero e resa non modificabile. Se questo criterio Ã¨ disabilitato, la preferenza Ã¨ impostata a Falso e resa non modificabile.
 
 Per una descrizione della preferenza, si veda:
@@ -1475,6 +1487,9 @@ https://github.com/mozilla/policy-templates/blob/master/README.md#preferences</s
         <text>Example: .mozilla.org, .net.nz, 192.168.1.0/24</text>
         <text>Connections to localhost, 127.0.0.1/8, and ::1 are never proxied.</text>
       </presentation>
+      <presentation id="HttpsOnlyMode">
+        <dropdownList refId="HttpsOnlyMode"/>
+      </presentation>
     </presentationTable>
   </resources>
 </policyDefinitionResources>
diff --git a/windows/ru-RU/firefox.adml b/windows/ru-RU/firefox.adml
index 860899e..9d78677 100644
--- a/windows/ru-RU/firefox.adml
+++ b/windows/ru-RU/firefox.adml
@@ -1109,6 +1109,18 @@ If this policy is disabled or not configured, the TLS feature Encrypted Client H
       <string id="PostQuantumKeyAgreementEnabled_Explain">If this policy is enabled, post-quantum key agreement for TLS will be enabled.
 
 If this policy is disabled or not configured, post-quantum key agreement for TLS will be disabled.</string>
+      <string id="HttpsOnlyMode">HTTPS-Only Mode</string>
+      <string id="HttpsOnlyMode_Explain">If this policy is enabled, you can set the default behavior for HTTPS-Only Mode.
+
+If this policy is disabled or not configured, HTTPS-Only Mode is not enabled.</string>
+      <string id="HttpsOnlyMode_Allowed">Off by default</string>
+      <string id="HttpsOnlyMode_Disallowed">Off and locked</string>
+      <string id="HttpsOnlyMode_Enabled">On by default</string>
+      <string id="HttpsOnlyMode_ForceEnabled">On and locked</string>
+      <string id="HttpAllowlist">HTTP Allowlist </string>
+      <string id="HttpAllowlist_Explain">If this policy is enabled, you can specify a list origins that will not be upgraded to HTTPS.
+
+If this policy is disabled or not configured, all origins are upgraded to HTTPS if HTTPS-Only Mode is enabled.</string>
       <string id="Preferences_Boolean_Explain">ÐÑÐ»Ð¸ ÑÑÐ° Ð¿Ð¾Ð»Ð¸ÑÐ¸ÐºÐ° Ð²ÐºÐ»ÑÑÐµÐ½Ð°, Ð¿ÑÐµÐ´Ð¿Ð¾ÑÑÐµÐ½Ð¸Ðµ Ð·Ð°Ð±Ð»Ð¾ÐºÐ¸ÑÐ¾Ð²Ð°Ð½Ð¾ Ð½Ð° true. ÐÑÐ»Ð¸ ÑÑÐ° Ð¿Ð¾Ð»Ð¸ÑÐ¸ÐºÐ° Ð¾ÑÐºÐ»ÑÑÐµÐ½Ð°, Ð¿ÑÐµÐ´Ð¿Ð¾ÑÑÐµÐ½Ð¸Ðµ Ð·Ð°Ð±Ð»Ð¾ÐºÐ¸ÑÐ¾Ð²Ð°Ð½Ð¾ Ð½Ð° false.
 
 ÐÐ¿Ð¸ÑÐ°Ð½Ð¸Ðµ Ð¿ÑÐµÐ´Ð¿Ð¾ÑÑÐµÐ½Ð¸Ñ ÑÐ¼.:
@@ -1475,6 +1487,9 @@ https://github.com/mozilla/policy-templates/blob/master/README.md#preferences.</
         <text>Example: .mozilla.org, .net.nz, 192.168.1.0/24</text>
         <text>Connections to localhost, 127.0.0.1/8, and ::1 are never proxied.</text>
       </presentation>
+      <presentation id="HttpsOnlyMode">
+        <dropdownList refId="HttpsOnlyMode"/>
+      </presentation>
     </presentationTable>
   </resources>
 </policyDefinitionResources>
diff --git a/windows/zh-CN/firefox.adml b/windows/zh-CN/firefox.adml
index 536d72b..b68a954 100644
--- a/windows/zh-CN/firefox.adml
+++ b/windows/zh-CN/firefox.adml
@@ -1108,6 +1108,18 @@ If this policy is disabled or not configured, the TLS feature Encrypted Client H
       <string id="PostQuantumKeyAgreementEnabled_Explain">If this policy is enabled, post-quantum key agreement for TLS will be enabled.
 
 If this policy is disabled or not configured, post-quantum key agreement for TLS will be disabled.</string>
+      <string id="HttpsOnlyMode">HTTPS-Only Mode</string>
+      <string id="HttpsOnlyMode_Explain">If this policy is enabled, you can set the default behavior for HTTPS-Only Mode.
+
+If this policy is disabled or not configured, HTTPS-Only Mode is not enabled.</string>
+      <string id="HttpsOnlyMode_Allowed">Off by default</string>
+      <string id="HttpsOnlyMode_Disallowed">Off and locked</string>
+      <string id="HttpsOnlyMode_Enabled">On by default</string>
+      <string id="HttpsOnlyMode_ForceEnabled">On and locked</string>
+      <string id="HttpAllowlist">HTTP Allowlist </string>
+      <string id="HttpAllowlist_Explain">If this policy is enabled, you can specify a list origins that will not be upgraded to HTTPS.
+
+If this policy is disabled or not configured, all origins are upgraded to HTTPS if HTTPS-Only Mode is enabled.</string>
       <string id="Preferences_Boolean_Explain">è¥å¯ç¨æ­¤ååï¼åå¥½è®¾å®å°éå®ä¸º trueã è¥ç¦ç¨æ­¤ååï¼åå¥½è®¾å®åéå®ä¸ºfalseã
 
 è¥éè¦åå¥½è®¾ç½®çè¯¦ç»è¯´æï¼è¯·åèï¼
@@ -1474,6 +1486,9 @@ https://github.com/mozilla/policy-templates/blob/master/README.md#preferencesã
         <text>Example: .mozilla.org, .net.nz, 192.168.1.0/24</text>
         <text>Connections to localhost, 127.0.0.1/8, and ::1 are never proxied.</text>
       </presentation>
+      <presentation id="HttpsOnlyMode">
+        <dropdownList refId="HttpsOnlyMode"/>
+      </presentation>
     </presentationTable>
   </resources>
 </policyDefinitionResources>
diff --git a/windows/zh-TW/firefox.adml b/windows/zh-TW/firefox.adml
index 8e284d5..7ad4780 100644
--- a/windows/zh-TW/firefox.adml
+++ b/windows/zh-TW/firefox.adml
@@ -1106,6 +1106,18 @@ If this policy is disabled or not configured, the TLS feature Encrypted Client H
       <string id="PostQuantumKeyAgreementEnabled_Explain">If this policy is enabled, post-quantum key agreement for TLS will be enabled.
 
 If this policy is disabled or not configured, post-quantum key agreement for TLS will be disabled.</string>
+      <string id="HttpsOnlyMode">HTTPS-Only Mode</string>
+      <string id="HttpsOnlyMode_Explain">If this policy is enabled, you can set the default behavior for HTTPS-Only Mode.
+
+If this policy is disabled or not configured, HTTPS-Only Mode is not enabled.</string>
+      <string id="HttpsOnlyMode_Allowed">Off by default</string>
+      <string id="HttpsOnlyMode_Disallowed">Off and locked</string>
+      <string id="HttpsOnlyMode_Enabled">On by default</string>
+      <string id="HttpsOnlyMode_ForceEnabled">On and locked</string>
+      <string id="HttpAllowlist">HTTP Allowlist </string>
+      <string id="HttpAllowlist_Explain">If this policy is enabled, you can specify a list origins that will not be upgraded to HTTPS.
+
+If this policy is disabled or not configured, all origins are upgraded to HTTPS if HTTPS-Only Mode is enabled.</string>
       <string id="Preferences_Boolean_Explain">è¥åç¨æ­¤ååï¼åå¥½è¨­å®å°éå®çº trueãè¥åç¨æ­¤ååï¼åå¥½è¨­å®åéå®çº falseã
 
 è¥éè¦åå¥½è¨­å®çè©³ç´°èªªæï¼è«åèï¼
@@ -1472,6 +1484,9 @@ https://github.com/mozilla/policy-templates/blob/master/README.md#preferencesã
         <text>Example: .mozilla.org, .net.nz, 192.168.1.0/24</text>
         <text>Connections to localhost, 127.0.0.1/8, and ::1 are never proxied.</text>
       </presentation>
+      <presentation id="HttpsOnlyMode">
+        <dropdownList refId="HttpsOnlyMode"/>
+      </presentation>
     </presentationTable>
   </resources>
 </policyDefinitionResources>
