From: Michael Kaply <345868+mkaply@users.noreply.github.com> Date: Wed, 20 Mar 2024 15:28:28 +0000 (-0400) Subject: Add Fallback to DNSOverHTTPS X-Git-Tag: v5.9~5^2~1 X-Git-Url: https://git.p6c8.net/policy-templates.git/commitdiff_plain/7e50ec4f98d6a1fe2e3f8ce8ce40fc715974f256?hp=d056a62629daa23795ceb68917eab38a922d271e Add Fallback to DNSOverHTTPS --- diff --git a/docs/index.md b/docs/index.md index c1367da..2a4224e 100644 --- a/docs/index.md +++ b/docs/index.md @@ -2261,7 +2261,9 @@ Configure DNS over HTTPS. `ExcludedDomains` excludes domains from DNS over HTTPS. -**Compatibility:** Firefox 63, Firefox ESR 68 (ExcludedDomains added in 75/68.7)\ +`Fallback` determines whether or not Firefox will use your default DNS resolver if there is a problem with the secure DNS provider. + +**Compatibility:** Firefox 63, Firefox ESR 68 (ExcludedDomains added in 75/68.7) (Fallback added in 124)\@MAKJ **CCK2 Equivalent:** N/A\ **Preferences Affected:** `network.trr.mode`, `network.trr.uri` @@ -2271,6 +2273,7 @@ Software\Policies\Mozilla\Firefox\DNSOverHTTPS\Enabled = 0x1 | 0x0 Software\Policies\Mozilla\Firefox\DNSOverHTTPS\ProviderURL = "URL_TO_ALTERNATE_PROVIDER" Software\Policies\Mozilla\Firefox\DNSOverHTTPS\Locked = 0x1 | 0x0 Software\Policies\Mozilla\Firefox\DNSOverHTTPS\ExcludedDomains\1 = "example.com" +Software\Policies\Mozilla\Firefox\DNSOverHTTPS\Fallback = 0x1 | 0x0 ``` #### Windows (Intune) OMA-URI: @@ -2307,6 +2310,14 @@ Value (string): <enabled/> <data id="List" value="1example.com"/> ``` +OMA-URI: +``` +./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~DNSOverHTTPS/DNSOverHTTPS_Fallback +``` +Value (string): +``` +<enabled/> or <disabled/> +``` #### macOS ``` <dict> @@ -2322,6 +2333,8 @@ Value (string): <array> <string>example.com</string> </array> + <key>Fallback</key> + <true/> | <false/> </dict> </dict> ``` @@ -2333,7 +2346,8 @@ Value (string): "Enabled": true | false, "ProviderURL": "URL_TO_ALTERNATE_PROVIDER", "Locked": true | false, - "ExcludedDomains": ["example.com"] + "ExcludedDomains": ["example.com"], + "Fallback": true | false, } } } diff --git a/windows/en-US/firefox.adml b/windows/en-US/firefox.adml index 0954f6a..4fd9d03 100644 --- a/windows/en-US/firefox.adml +++ b/windows/en-US/firefox.adml @@ -209,6 +209,10 @@ If this policy is disabled or not configured, no domains are excluded from DNS o <string id="DNSOverHTTPS_Explain">If this policy is enabled, the default configuration for DNS over HTTPS can be changed. If this policy is disabled or not configured, DNS Over HTTPS uses the default Firefox configuration.</string> + <string id="DNSOverHTTPS_Fallback">Fallback</string> + <string id="DNSOverHTTPS_Fallback_Explain">If this policy is disabled, Firefox will not fallback to your default DNS resolver if there is a problem with the secure DNS provider. + +If this policy is enabled or not configured, Firefox will use your default DNS resolver if there is a problem with the secure DNS provider.</string> <string id="DisableMasterPasswordCreation">Disable Master Password Creation</string> <string id="DisableMasterPasswordCreation_Explain">If this policy is enabled, users cannot create a master password. diff --git a/windows/firefox.admx b/windows/firefox.admx index 82f376c..900057a 100644 --- a/windows/firefox.admx +++ b/windows/firefox.admx @@ -757,6 +757,16 @@ <list id="List" key="Software\Policies\Mozilla\Firefox\DNSOverHTTPS\ExcludedDomains" valuePrefix=""/> </elements> </policy> + <policy name="DNSOverHTTPS_Fallback" class="Both" displayName="$(string.DNSOverHTTPS_Fallback)" explainText="$(string.DNSOverHTTPS_Fallback_Explain)" key="Software\Policies\Mozilla\Firefox\DNSOverHTTPS" valueName="Fallback"> + <parentCategory ref="DNSOverHTTPS"/> + <supportedOn ref="SUPPORTED_FF124"/> + <enabledValue> + <decimal value="1"/> + </enabledValue> + <disabledValue> + <decimal value="0"/> + </disabledValue> + </policy> <policy name="DisableAppUpdate" class="Both" displayName="$(string.DisableAppUpdate)" explainText="$(string.DisableAppUpdate_Explain)" key="Software\Policies\Mozilla\Firefox" valueName="DisableAppUpdate"> <parentCategory ref="firefox"/> <supportedOn ref="SUPPORTED_FF60"/>