From: Michael Kaply <345868+mkaply@users.noreply.github.com> Date: Mon, 17 Jun 2024 12:45:17 +0000 (-0400) Subject: Merge pull request #1118 from mozilla/Https X-Git-Tag: v5.12~8 X-Git-Url: https://git.p6c8.net/policy-templates.git/commitdiff_plain/606a578532d3ccd2c3fc7dabed10c992ca97c508?hp=40df6bf1f001f38a3590ae9b62c5cf220ba602a6 Merge pull request #1118 from mozilla/Https Add new Https options to README --- diff --git a/docs/index.md b/docs/index.md index 4bc7410..2ac1142 100644 --- a/docs/index.md +++ b/docs/index.md @@ -80,6 +80,8 @@ Unfortunately, JSON files do not support comments, but you can add extra entries | **[`Handlers`](#handlers)** | Configure default application handlers. | **[`HardwareAcceleration`](#hardwareacceleration)** | Control hardware acceleration. | **[`Homepage`](#homepage)** | Configure the default homepage and how Firefox starts. +| **[`HttpAllowlist`](#httpallowlist)** | Configure origins that will not be upgraded to HTTPS. +| **[`HttpsOnlyMode`](#httpsonlymode)** | Configure HTTPS-Only Mode. | **[`InstallAddonsPermission`](#installaddonspermission)** | Configure the default extension install policy as well as origins for extension installs are allowed. | **[`LegacyProfiles`](#legacyprofiles)** | Disable the feature enforcing a separate profile for each installation. | **[`LegacySameSiteCookieBehaviorEnabled`](#legacysamesitecookiebehaviorenabled)** | Enable default legacy SameSite cookie behavior setting. @@ -3536,6 +3538,92 @@ Value (string): } } ``` +### HttpAllowlist +Configure sites that will not be upgraded to HTTPS. + +The sites are specified as a list of origins. + +**Compatibility:** Firefox 127\ +**CCK2 Equivalent:** N/A\ +**Preferences Affected:** N/A + +#### Windows (GPO) +``` +Software\Policies\Mozilla\Firefox\HttpAllowlist\1 = "http://example.org" +Software\Policies\Mozilla\Firefox\HttpAllowlist\2 = "http://example.edu" +``` +#### Windows (Intune) +OMA-URI: +``` +./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/HttpAllowlist +``` +Value (string): +``` + + +``` +#### macOS +``` + + HttpAllowlist + + http://example.org + http://example.edu + + +``` +#### policies.json +``` +{ + "policies": { + "HttpAllowlist ": ["http://example.org", + "http://example.edu"] + } +} +``` +### HttpsOnlyMode +Configure HTTPS-Only Mode. + +| Value | Description +| --- | --- | +| allowed | HTTPS-Only Mode is off by default, but the user can turn it on. +| disallowed | HTTPS-Only Mode is off and the user can't turn it on. +| enabled | HTTPS-Only Mode is on by default, but the user can turn it off. +| force_enabled | HTTPS-Only Mode is on and the user can't turn it off. + +**Compatibility:** Firefox 127\ +**CCK2 Equivalent:** N/A\ +**Preferences Affected:** `dom.security.https_only_mode` + +#### Windows (GPO) +``` +Software\Policies\Mozilla\Firefox\HttpsOnlyMode = "allowed", "disallowed", "enabled", "force_enabled" +``` +#### Windows (Intune) +OMA-URI: +``` +./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/HttpsOnlyMode +``` +Value (string): +``` + + +``` +#### macOS +``` + + HttpsOnlyMode + allowed | disallowed | enabled| force_enabled + +``` +#### policies.json +``` +{ + "policies": { + "HttpsOnlyMode": "allowed" | "disallowed" | "enabled" | "force_enabled" + } +} +``` ### InstallAddonsPermission Configure the default extension install policy as well as origins for extension installs are allowed. This policy does not override turning off all extension installs. @@ -4273,7 +4361,6 @@ Value (string): } } ``` - ### PDFjs Disable or configure PDF.js, the built-in PDF viewer.