From: Michael Kaply <345868+mkaply@users.noreply.github.com>
Date: Mon, 12 Jul 2021 18:42:13 +0000 (-0500)
Subject: Add policy docs for AutoLaunchProtocolsFromOrigins
X-Git-Tag: v2.12~1^2~2
X-Git-Url: https://git.p6c8.net/policy-templates.git/commitdiff_plain/5adc3d7a64e52aa38753fe64f160ab6c79128169?ds=sidebyside;hp=-c
Add policy docs for AutoLaunchProtocolsFromOrigins
---
5adc3d7a64e52aa38753fe64f160ab6c79128169
diff --git a/README.md b/README.md
index df48c65..19ed9e2 100644
--- a/README.md
+++ b/README.md
@@ -11,6 +11,7 @@ Policies can be specified using the [Group Policy templates on Windows](https://
 | **[`AppAutoUpdate`](#appautoupdate)** | Enable or disable automatic application update.
 | **[`AppUpdateURL`](#appupdateurl)** | Change the URL for application update.
 | **[`Authentication`](#authentication)** | Configure sites that support integrated authentication.
+| **[`AutoLaunchProtocolsFromOrigins`](#autolaunchprotocolsfromorigins)** | Define a list of external protocols that can be used from listed origins without prompting the user.
 | **[`BackgroundAppUpdate`](#backgroundappupdate)** | Enable or disable the background updater (Windows only).
 | **[`BlockAboutAddons`](#blockaboutaddons)** | Block access to the Add-ons Manager (about:addons).
 | **[`BlockAboutConfig`](#blockaboutconfig)** | Block access to about:config.
@@ -370,6 +371,98 @@ Value (string):
   }
 }
 ```
+### AutoLaunchProtocolsFromOrigins
+Define a list of external protocols that can be used from listed origins without prompting the user.
+
+The syntax of this policy is exactly the same as the [Chrome AutoLaunchProtocolsFromOrigins policy](https://cloud.google.com/docs/chrome-enterprise/policies/?policy=AutoLaunchProtocolsFromOrigins) except that you can only use valid origins (not just hostnames). This also means that you cannot specify an asterisk for all origins.
+
+The schema is:
+```
+{
+ "items": {
+  "properties": {
+   "allowed_origins": {
+    "items": {
+     "type": "string"
+    },
+    "type": "array"
+   },
+   "protocol": {
+    "type": "string"
+   }
+  },
+  "required": [
+   "protocol",
+   "allowed_origins"
+  ],
+  "type": "object"
+ },
+ "type": "array"
+}
+```
+**Compatibility:** Firefox 90, Firefox ESR 78.12\
+**CCK2 Equivalent:** N/A\
+**Preferences Affected:** N/A
+
+#### Windows (GPO)
+Software\Policies\Mozilla\Firefox\AutoLaunchProtocolsFromOrigins (REG_MULTI_SZ) =
+```
+[
+  {
+    "protocol": "zoommtg",
+    "allowed_origins": [
+      "https://somesite.zoom.us"
+    ]
+  }
+]
+```
+#### Windows (Intune)
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/AutoLaunchProtocolsFromOrigins
+```
+Value (string):
+```
+
+
+```
+#### macOS
+```
+
+  AutoLaunchProtocolsFromOrigins
+  
+    
+      protocol
+      zoommtg
+      allowed_origins
+      
+        https://somesite.zoom.us
+      
+    
+  
+
+```
+#### policies.json
+```
+{
+  "policies": {
+    "AutoLaunchProtocolsFromOrigins": [{
+      "protocol": "zoommtg",
+      "allowed_origins": [
+        "https://somesite.zoom.us"
+      ]
+    }]
+  }
+}
+```
 ### BackgroundAppUpdate
 
 Enable or disable **automatic** application update **in the background**, when the application is not running.
@@ -3196,7 +3289,7 @@ Value (string):
   
     
       toplevel_name
-      My managed bookmarks folder
+      My managed bookmarks folder
       
         url
         example.com
diff --git a/mac/org.mozilla.firefox.plist b/mac/org.mozilla.firefox.plist
index d354a0a..01efdb7 100644
--- a/mac/org.mozilla.firefox.plist
+++ b/mac/org.mozilla.firefox.plist
@@ -46,6 +46,17 @@
 		Locked
 		
 	
+  AutoLaunchProtocolsFromOrigins
+  
+    
+      protocol
+      zoommtg
+      allowed_origins
+      
+        https://somesite.zoom.us
+      
+    
+  
 	BlockAboutAddons
 	
 	BlockAboutConfig
diff --git a/windows/de-DE/firefox.adml b/windows/de-DE/firefox.adml
index d09f5e1..70cb551 100644
--- a/windows/de-DE/firefox.adml
+++ b/windows/de-DE/firefox.adml
@@ -846,15 +846,21 @@ For detailed information on creating the policy, see https://github.com/mozilla/
       If this policy is enabled, users can only access Google Workspace for the specified domains (separated by a comma). To allow access to Gmail, you can add consumer_accounts.
 
 If this policy is disabled or not configured, users can access any account on Google Workspace as well as Gmail.
+      Background updater
+      If this policy disabled, the application will not try to install updates when the application is not running.
+
+If this policy is enabled or not configured, application updates may be installed (without user approval) in the background, even when the application is not running. The operating system might still require approval.
+      Auto Launch Protocols From Origins
+      If this policy is enabled, you can define a list of external protocols that can be used from listed origins without prompting the user.
+
+If this policy is disabled or not configured, any site that invokes an external protocol will ask the user for permission.
+
+For detailed information on creating the policy, see https://github.com/mozilla/policy-templates/blob/master/README.md#autolaunchprotocolsfromorigins.
       Wenn diese Richtlinieneinstellung aktiviert ist, ist die Einstellung auf true gesperrt. Wenn diese Richtlinieneinstellung deaktiviert ist, ist die Einstellung auf false gesperrt.
 
 Für eine Beschreibung der Einstellung, siehe:
 
 https://github.com/mozilla/policy-templates/blob/master/README.md#preferences (Englisch)
-      Background updater
-      If this policy disabled, the application will not try to install updates when the application is not running.
-
-If this policy is enabled or not configured, application updates may be installed (without user approval) in the background, even when the application is not running. The operating system might still require approval.
       Wenn diese Richtlinieneinstellung aktiviert ist, ist die Einstellung auf den spezifizierten String-Wert gesperrt. Wenn diese Richtlinieneinstellung deaktiviert ist, hat sie keinen Effekt.
 
 Für eine Beschreibung der Einstellung, siehe:
diff --git a/windows/en-US/firefox.adml b/windows/en-US/firefox.adml
index 55fc59e..f60936d 100644
--- a/windows/en-US/firefox.adml
+++ b/windows/en-US/firefox.adml
@@ -851,6 +851,12 @@ If this policy is disabled or not configured, users can access any account on Go
       If this policy disabled, the application will not try to install updates when the application is not running.
 
 If this policy is enabled or not configured, application updates may be installed (without user approval) in the background, even when the application is not running. The operating system might still require approval.
+      Auto Launch Protocols From Origins
+      If this policy is enabled, you can define a list of external protocols that can be used from listed origins without prompting the user.
+
+If this policy is disabled or not configured, any site that invokes an external protocol will ask the user for permission.
+
+For detailed information on creating the policy, see https://github.com/mozilla/policy-templates/blob/master/README.md#autolaunchprotocolsfromorigins.
       If this policy is enabled, the preference is locked to true. If this policy is disabled, the preference is locked to false.
 
 For a description of the preference, see:
diff --git a/windows/es-ES/firefox.adml b/windows/es-ES/firefox.adml
index c034301..185cf85 100644
--- a/windows/es-ES/firefox.adml
+++ b/windows/es-ES/firefox.adml
@@ -851,6 +851,12 @@ If this policy is disabled or not configured, users can access any account on Go
       If this policy disabled, the application will not try to install updates when the application is not running.
 
 If this policy is enabled or not configured, application updates may be installed (without user approval) in the background, even when the application is not running. The operating system might still require approval.
+      Auto Launch Protocols From Origins
+      If this policy is enabled, you can define a list of external protocols that can be used from listed origins without prompting the user.
+
+If this policy is disabled or not configured, any site that invokes an external protocol will ask the user for permission.
+
+For detailed information on creating the policy, see https://github.com/mozilla/policy-templates/blob/master/README.md#autolaunchprotocolsfromorigins.
       Si esta polÃtica está habilitada, la preferencia se bloquea en true. Si esta polÃtica está deshabilitada, la preferencia está bloqueada en false.
 
 Para una descripción de la preferencia, visita:
diff --git a/windows/firefox.admx b/windows/firefox.admx
index 3af5f1e..8a5d010 100644
--- a/windows/firefox.admx
+++ b/windows/firefox.admx
@@ -3760,5 +3760,12 @@
         
       
     
+    
+      
+      
+      
+        
+      
+    
   
 
diff --git a/windows/fr-FR/firefox.adml b/windows/fr-FR/firefox.adml
index d7bc70a..d6f65d3 100644
--- a/windows/fr-FR/firefox.adml
+++ b/windows/fr-FR/firefox.adml
@@ -850,6 +850,12 @@ If this policy is disabled or not configured, users can access any account on Go
       If this policy disabled, the application will not try to install updates when the application is not running.
 
 If this policy is enabled or not configured, application updates may be installed (without user approval) in the background, even when the application is not running. The operating system might still require approval.
+      Auto Launch Protocols From Origins
+      If this policy is enabled, you can define a list of external protocols that can be used from listed origins without prompting the user.
+
+If this policy is disabled or not configured, any site that invokes an external protocol will ask the user for permission.
+
+For detailed information on creating the policy, see https://github.com/mozilla/policy-templates/blob/master/README.md#autolaunchprotocolsfromorigins.
       Si cette stratégie est activée, la préférence est verrouillée sur true. Si cette stratégie est désactivée, la préférence est verrouillée sur false.
 
 Pour une description de la préférence, voir:
diff --git a/windows/it-IT/firefox.adml b/windows/it-IT/firefox.adml
index 40288d1..70ce540 100644
--- a/windows/it-IT/firefox.adml
+++ b/windows/it-IT/firefox.adml
@@ -852,6 +852,12 @@ If this policy is disabled or not configured, users can access any account on Go
       If this policy disabled, the application will not try to install updates when the application is not running.
 
 If this policy is enabled or not configured, application updates may be installed (without user approval) in the background, even when the application is not running. The operating system might still require approval.
+      Auto Launch Protocols From Origins
+      If this policy is enabled, you can define a list of external protocols that can be used from listed origins without prompting the user.
+
+If this policy is disabled or not configured, any site that invokes an external protocol will ask the user for permission.
+
+For detailed information on creating the policy, see https://github.com/mozilla/policy-templates/blob/master/README.md#autolaunchprotocolsfromorigins.
       Se questo criterio è abilitato, la preferenza è impostata a Vero e resa non modificabile. Se questo criterio è disabilitato, la preferenza è impostata a Falso e resa non modificabile.
 
 Per una descrizione della preferenza, si veda:
diff --git a/windows/ru-RU/firefox.adml b/windows/ru-RU/firefox.adml
index a413905..927e663 100644
--- a/windows/ru-RU/firefox.adml
+++ b/windows/ru-RU/firefox.adml
@@ -851,6 +851,12 @@ If this policy is disabled or not configured, users can access any account on Go
       If this policy disabled, the application will not try to install updates when the application is not running.
 
 If this policy is enabled or not configured, application updates may be installed (without user approval) in the background, even when the application is not running. The operating system might still require approval.
+      Auto Launch Protocols From Origins
+      If this policy is enabled, you can define a list of external protocols that can be used from listed origins without prompting the user.
+
+If this policy is disabled or not configured, any site that invokes an external protocol will ask the user for permission.
+
+For detailed information on creating the policy, see https://github.com/mozilla/policy-templates/blob/master/README.md#autolaunchprotocolsfromorigins.
        ÐÑли ÑÑа полиÑика вклÑÑена, пÑедпоÑÑение заблокиÑовано на true. ÐÑли ÑÑа полиÑика оÑклÑÑена, пÑедпоÑÑение заблокиÑовано на false.
 
 ÐпиÑание пÑедпоÑÑÐµÐ½Ð¸Ñ Ñм .:
diff --git a/windows/zh-CN/firefox.adml b/windows/zh-CN/firefox.adml
index 657dbf9..109a28a 100644
--- a/windows/zh-CN/firefox.adml
+++ b/windows/zh-CN/firefox.adml
@@ -841,14 +841,20 @@ If this policy is disabled or not configured, onboarding messages will be shown
 è¥ç¦ç¨æä¸è®¾å®æ¤ååï¼åä¸ä¼å å
¥å管çç书ç¾ã
 
 è¥éè¦å»ºç«ååç详ç»ä¿¡æ¯ï¼è¯·åè https://github.com/mozilla/policy-templates/blob/master/README.md#managedbookmarksã 
-      Define domains allowed to access Google Workspace
-      If this policy is enabled, users can only access Google Workspace for the specified domains (separated by a comma). To allow access to Gmail, you can add consumer_accounts.
+    Define domains allowed to access Google Workspace
+    If this policy is enabled, users can only access Google Workspace for the specified domains (separated by a comma). To allow access to Gmail, you can add consumer_accounts.
 
 If this policy is disabled or not configured, users can access any account on Google Workspace as well as Gmail.
-      Background updater
-      If this policy disabled, the application will not try to install updates when the application is not running.
+    Background updater
+    If this policy disabled, the application will not try to install updates when the application is not running.
 
 If this policy is enabled or not configured, application updates may be installed (without user approval) in the background, even when the application is not running. The operating system might still require approval.
+    Auto Launch Protocols From Origins
+    If this policy is enabled, you can define a list of external protocols that can be used from listed origins without prompting the user.
+
+If this policy is disabled or not configured, any site that invokes an external protocol will ask the user for permission.
+
+For detailed information on creating the policy, see https://github.com/mozilla/policy-templates/blob/master/README.md#autolaunchprotocolsfromorigins.
    è¥å¯ç¨æ¤ååï¼å好设å®å°éå®ä¸º trueã è¥ç¦ç¨æ¤ååï¼å好设å®åéå®ä¸ºfalseã
 
 è¥éè¦å好设置ç详ç»è¯´æï¼è¯·åèï¼
diff --git a/windows/zh-TW/firefox.adml b/windows/zh-TW/firefox.adml
index bc4de9f..06c3fa4 100644
--- a/windows/zh-TW/firefox.adml
+++ b/windows/zh-TW/firefox.adml
@@ -849,6 +849,12 @@ Mozilla å»ºè°æ¨ä¸è¦åç¨ Telemetryãéé Telemetry æ¶éå°çè³è¨å¯
       If this policy disabled, the application will not try to install updates when the application is not running.
 
 If this policy is enabled or not configured, application updates may be installed (without user approval) in the background, even when the application is not running. The operating system might still require approval.
+      Auto Launch Protocols From Origins
+      If this policy is enabled, you can define a list of external protocols that can be used from listed origins without prompting the user.
+
+If this policy is disabled or not configured, any site that invokes an external protocol will ask the user for permission.
+
+For detailed information on creating the policy, see https://github.com/mozilla/policy-templates/blob/master/README.md#autolaunchprotocolsfromorigins.
       è¥åç¨æ¤ååï¼å好è¨å®å°éå®çº trueãè¥åç¨æ¤ååï¼å好è¨å®åéå®çº falseã
 
 è¥éè¦å好è¨å®ç詳細說æï¼è«åèï¼