From: Michael Kaply <345868+mkaply@users.noreply.github.com>
Date: Fri, 25 Apr 2025 19:08:11 +0000 (-0400)
Subject: Merge branch 'master' into master
X-Git-Tag: v6.10~7^2
X-Git-Url: https://git.p6c8.net/policy-templates.git/commitdiff_plain/8b88fa79955b5f295ec26be4a34bdb89912d70a9?hp=47887a44123c38374bd4e3599b1b1eb417dba620
Merge branch 'master' into master
---
diff --git a/docs/index.md b/docs/index.md
index 9923f2e..f1aa8b9 100644
--- a/docs/index.md
+++ b/docs/index.md
@@ -676,7 +676,7 @@ to workaround the limit on the length of strings. Put all of your JSON on one li
OMA-URI:
```
-./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Extensions/AutoLaunchProtocolsFromOriginsOneLine
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/AutoLaunchProtocolsFromOriginsOneLine
```
Value (string):
```
@@ -954,7 +954,7 @@ to workaround the limit on the length of strings. Put all of your JSON on one li
OMA-URI:
```
-./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Extensions/BookmarksOneLine
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/BookmarksOneLine
```
Value (string):
```
@@ -1199,7 +1199,7 @@ to workaround the limit on the length of strings. Put all of your JSON on one li
OMA-URI:
```
-./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Extensions/ContainersOneLine
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/ContainersOneLine
```
Value (string):
```
@@ -1246,7 +1246,7 @@ Configure Firefox to use an agent for Data Loss Prevention (DLP) that is compati
`AgentName` is the name of the DLP agent. This is used in dialogs and notifications about DLP operations. The default is "A DLP Agent".
-`AgentTimeout` is the timeout in number of seconds after a DLP request is sent to the agent. After this timeout, the request will be denied unless `DefaultResult` is set to 1 or 2. The default is 30.
+`AgentTimeout` is the timeout in number of seconds after a DLP request is sent to the agent. After this timeout, the request will be denied unless `TimeoutResult` is set to 1 or 2. The default is 300.
`AllowUrlRegexList` is a space-separated list of regular expressions that indicates URLs for which DLP operations will always be allowed without consulting the agent. The default is "^about:(?!blank|srcdoc).*", meaning that any pages that start with "about:" will be exempt from DLP except for "about:blank" and "about:srcdoc", as these can be controlled by web content.
@@ -1270,8 +1270,14 @@ Configure Firefox to use an agent for Data Loss Prevention (DLP) that is compati
* The `Clipboard` entry controls clipboard operations for files and text.
* `Enabled` indicates whether clipboard operations should use DLP. The default is true.
+ * `PlainTextOnly` indicates whether to only analyze the text/plain format on the clipboard. If this
+ value is false, all formats will be analyzed, which some DLP agents may not expect. Regardless of
+ this value, files will be analyzed as usual. The default is true.
* The `DragAndDrop` entry controls drag and drop operations for files and text.
* `Enabled` indicates whether drag and drop operations should use DLP. The default is true.
+ * `PlainTextOnly` indicates whether to only analyze the text/plain format in what is being dropped.
+ If this value is false, all formats will be analyzed, which some DLP agents may not expect.
+ Regardless of this value, files will be analyzed as usual. The default is true.
* The `FileUpload` entry controls file upload operations for files chosen from the file picker.
* `Enabled` indicates whether file upload operations should use DLP. The default is true.
* The `Print` entry controls print operation.
@@ -1283,9 +1289,18 @@ Configure Firefox to use an agent for Data Loss Prevention (DLP) that is compati
`ShowBlockedResult` indicates whether Firefox should show a notification when a DLP request is denied. The default is true.
-**Compatibility:** Firefox 136\
+`TimeoutResult` indicates the desired behavior for DLP requests if the DLP agent does not respond to a request in less than `AgentTimeout` seconds. The default is 0.
+
+| Value | Description
+| --- | --- |
+| 0 | Deny the request (default)
+| 1 | Warn the user and allow them to choose whether to allow or deny
+| 2 | Allow the request
+
+
+**Compatibility:** Firefox 137\
**CCK2 Equivalent:** N/A\
-**Preferences Affected:** `browser.contentanalysis.agent_name`, `browser.contentanalysis.agent_timeout`, `browser.contentanalysis.allow_url_regex_list`, `browser.contentanalysis.bypass_for_same_tab_operations`, `browser.contentanalysis.client_signature`, `browser.contentanalysis.default_result`, `browser.contentanalysis.deny_url_regex_list`, `browser.contentanalysis.enabled`, `browser.contentanalysis.interception_point.clipboard.enabled`, `browser.contentanalysis.interception_point.drag_and_drop.enabled`, `browser.contentanalysis.interception_point.file_upload.enabled`, `browser.contentanalysis.interception_point.print.enabled`, `browser.contentanalysis.is_per_user`, `browser.contentanalysis.pipe_path_name`, `browser.contentanalysis.show_blocked_result`
+**Preferences Affected:** `browser.contentanalysis.agent_name`, `browser.contentanalysis.agent_timeout`, `browser.contentanalysis.allow_url_regex_list`, `browser.contentanalysis.bypass_for_same_tab_operations`, `browser.contentanalysis.client_signature`, `browser.contentanalysis.default_result`, `browser.contentanalysis.deny_url_regex_list`, `browser.contentanalysis.enabled`, `browser.contentanalysis.interception_point.clipboard.enabled`, `browser.contentanalysis.interception_point.clipboard.plain_text_only`, `browser.contentanalysis.interception_point.drag_and_drop.enabled`, `browser.contentanalysis.interception_point.drag_and_drop.plain_text_only`, `browser.contentanalysis.interception_point.file_upload.enabled`, `browser.contentanalysis.interception_point.print.enabled`, `browser.contentanalysis.is_per_user`, `browser.contentanalysis.pipe_path_name`, `browser.contentanalysis.show_blocked_result`, `browser.contentanalysis.timeout_result`
#### Windows (GPO)
```
@@ -1298,12 +1313,15 @@ Software\Policies\Mozilla\Firefox\ContentAnalysis\DefaultResult = 0x0 | 0x1 | 0x
Software\Policies\Mozilla\Firefox\ContentAnalysis\DenyUrlRegexList = "https://example\.com/.* https://subdomain\.example\.com/.*"
Software\Policies\Mozilla\Firefox\ContentAnalysis\Enabled = 0x1 | 0x0
Software\Policies\Mozilla\Firefox\ContentAnalysis\InterceptionPoints\Clipboard\Enabled = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\ContentAnalysis\InterceptionPoints\Clipboard\PlainTextOnly = 0x1 | 0x0
Software\Policies\Mozilla\Firefox\ContentAnalysis\InterceptionPoints\DragAndDrop\Enabled = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\ContentAnalysis\InterceptionPoints\DragAndDrop\PlainTextOnly = 0x1 | 0x0
Software\Policies\Mozilla\Firefox\ContentAnalysis\InterceptionPoints\FileUpload\Enabled = 0x1 | 0x0
Software\Policies\Mozilla\Firefox\ContentAnalysis\InterceptionPoints\Print\Enabled = 0x1 | 0x0
Software\Policies\Mozilla\Firefox\ContentAnalysis\IsPerUser = 0x1 | 0x0
Software\Policies\Mozilla\Firefox\ContentAnalysis\PipePathName = "pipe_custom_name"
Software\Policies\Mozilla\Firefox\ContentAnalysis\ShowBlockedResult = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\ContentAnalysis\TimeoutResult = 0x0 | 0x1 | 0x2
```
#### Windows (Intune)
@@ -1379,7 +1397,7 @@ Value (string):
```
OMA-URI:
```
-./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~ContentAnalysis~InterceptionPoints/ContentAnalysis_InterceptionPoints_Clipboard
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~ContentAnalysis~InterceptionPoints~Clipboard/ContentAnalysis_InterceptionPoints_Clipboard
```
Value (string):
```
@@ -1387,7 +1405,7 @@ Value (string):
```
OMA-URI:
```
-./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~ContentAnalysis~InterceptionPoints/ContentAnalysis_InterceptionPoints_DragAndDrop
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~ContentAnalysis~InterceptionPoints~Clipboard/ContentAnalysis_InterceptionPoints_Clipboard_PlainTextOnly
```
Value (string):
```
@@ -1395,7 +1413,7 @@ Value (string):
```
OMA-URI:
```
-./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~ContentAnalysis~InterceptionPoints/ContentAnalysis_InterceptionPoints_FileUpload
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~ContentAnalysis~InterceptionPoints~DragAndDrop/ContentAnalysis_InterceptionPoints_DragAndDrop
```
Value (string):
```
@@ -1403,7 +1421,23 @@ Value (string):
```
OMA-URI:
```
-./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~ContentAnalysis~InterceptionPoints/ContentAnalysis_InterceptionPoints_Print
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~ContentAnalysis~InterceptionPoints~DragAndDrop/ContentAnalysis_InterceptionPoints_DragAndDrop_PlainTextOnly
+```
+Value (string):
+```
+ or
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~ContentAnalysis~InterceptionPoints/ContentAnalysis_InterceptionPoints_FileUpload_Enabled
+```
+Value (string):
+```
+ or
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~ContentAnalysis~InterceptionPoints/ContentAnalysis_InterceptionPoints_Print_Enabled
```
Value (string):
```
@@ -1434,6 +1468,15 @@ Value (string):
```
or
```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~ContentAnalysis/ContentAnalysis_TimeoutResult
+```
+Value (string):
+```
+
+
+```
#### policies.json
```
@@ -1450,10 +1493,12 @@ Value (string):
"Enabled": true | false,
"InterceptionPoints": {
"Clipboard": {
- "Enabled": true | false
+ "Enabled": true | false,
+ "PlainTextOnly": true | false
},
"DragAndDrop": {
- "Enabled": true | false
+ "Enabled": true | false,
+ "PlainTextOnly": true | false
},
"FileUpload": {
"Enabled": true | false
@@ -1465,6 +1510,7 @@ Value (string):
"IsPerUser": true | false,
"PipePathName": "pipe_custom_name",
"ShowBlockedResult": true | false,
+ "TimeoutResult": 0 | 1 | 2,
}
}
}
@@ -1730,26 +1776,29 @@ Value (string):
Disable specific cryptographic ciphers, listed below.
```
-TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
-TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
-TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
-TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
-TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
-TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
-TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
-TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
-TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
-TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
-TLS_RSA_WITH_AES_128_GCM_SHA256
-TLS_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
+TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
+TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
+TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
+TLS_RSA_WITH_AES_128_GCM_SHA256 (Firefox 78)
+TLS_RSA_WITH_AES_256_GCM_SHA384 (Firefox 78)
+TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (Firefox 97 and Firefox ESR 91.6)
+TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (Firefox 97 and Firefox ESR 91.6)
+TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (Firefox 97 and Firefox ESR 91.6)
+TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Firefox 97 and Firefox ESR 91.6)
+TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (Firefox 97 and Firefox ESR 91.6)
+TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (Firefox 97 and Firefox ESR 91.6)
+TLS_CHACHA20_POLY1305_SHA256 (Firefox 138, Firefox ESR 128.10)
+TLS_AES_128_GCM_SHA256 (Firefox 138, Firefox ESR 128.10)
+TLS_AES_256_GCM_SHA384 (Firefox 138, Firefox ESR 128.10)
```
-**Preferences Affected:** `security.ssl3.ecdhe_rsa_aes_128_gcm_sha256`, `security.ssl3.ecdhe_ecdsa_aes_128_gcm_sha256`, `security.ssl3.ecdhe_ecdsa_chacha20_poly1305_sha256`, `security.ssl3.ecdhe_rsa_chacha20_poly1305_sha256`, `security.ssl3.ecdhe_ecdsa_aes_256_gcm_sha384`, `security.ssl3.ecdhe_rsa_aes_256_gcm_sha384`, `security.ssl3.ecdhe_rsa_aes_128_sha`, `security.ssl3.ecdhe_ecdsa_aes_128_sha`, `security.ssl3.ecdhe_rsa_aes_256_sha`, `security.ssl3.ecdhe_ecdsa_aes_256_sha`, `security.ssl3.dhe_rsa_aes_128_sha`, `security.ssl3.dhe_rsa_aes_256_sha`, `security.ssl3.rsa_aes_128_gcm_sha256`, `security.ssl3.rsa_aes_256_gcm_sha384`, `security.ssl3.rsa_aes_128_sha`, `security.ssl3.rsa_aes_256_sha`, `security.ssl3.deprecated.rsa_des_ede3_sha`
+**Preferences Affected:** `security.ssl3.ecdhe_rsa_aes_128_gcm_sha256`, `security.ssl3.ecdhe_ecdsa_aes_128_gcm_sha256`, `security.ssl3.ecdhe_ecdsa_chacha20_poly1305_sha256`, `security.ssl3.ecdhe_rsa_chacha20_poly1305_sha256`, `security.ssl3.ecdhe_ecdsa_aes_256_gcm_sha384`, `security.ssl3.ecdhe_rsa_aes_256_gcm_sha384`, `security.ssl3.ecdhe_rsa_aes_128_sha`, `security.ssl3.ecdhe_ecdsa_aes_128_sha`, `security.ssl3.ecdhe_rsa_aes_256_sha`, `security.ssl3.ecdhe_ecdsa_aes_256_sha`, `security.ssl3.dhe_rsa_aes_128_sha`, `security.ssl3.dhe_rsa_aes_256_sha`, `security.ssl3.rsa_aes_128_gcm_sha256`, `security.ssl3.rsa_aes_256_gcm_sha384`, `security.ssl3.rsa_aes_128_sha`, `security.ssl3.rsa_aes_256_sha`, `security.ssl3.deprecated.rsa_des_ede3_sha`, `security.tls13.chacha20_poly1305_sha256`, `security.tls13.aes_128_gcm_sha256`, `security.tls13.aes_256_gcm_sha384`
---
**Note:**
@@ -1757,7 +1806,7 @@ TLS_RSA_WITH_3DES_EDE_CBC_SHA
This policy was updated in Firefox 78 to allow enabling ciphers as well. Setting the value to true disables the cipher, setting the value to false enables the cipher. Previously setting the value to true or false disabled the cipher.
---
-**Compatibility:** Firefox 76, Firefox ESR 68.8 (TLS_RSA_WITH_AES_128_GCM_SHA256 and TLS_RSA_WITH_AES_256_GCM_SHA384 were added in Firefox 78, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA38, TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, and TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 were added in Firefox 97 and Firefox 91.6)\
+**Compatibility:** Firefox 76, Firefox ESR 68.8\
**CCK2 Equivalent:** N/A\
**Preferences Affected:** N/A
@@ -3027,7 +3076,7 @@ to workaround the limit on the length of strings. Put all of your JSON on one li
OMA-URI:
```
-./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Extensions/ExemptDomainFileTypePairsFromFileTypeDownloadWarningsOneLine
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/ExemptDomainFileTypePairsFromFileTypeDownloadWarningsOneLine
```
Value (string):
```
@@ -3228,8 +3277,7 @@ Value (string):
"installation_mode": "force_installed",
"install_url": "https://addons.mozilla.org/firefox/downloads/latest/adguardadblocker@adguard.com/latest.xpi"
},
- {
- "https-everywhere@eff.org": {
+ "https-everywhere@eff.org": {
"installation_mode": "allowed",
"updates_disabled": false
}
@@ -3646,7 +3694,7 @@ to workaround the limit on the length of strings. Put all of your JSON on one li
OMA-URI:
```
-./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Extensions/HandlersOneLine
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/HandlersOneLine
```
Value (string):
```
@@ -4262,7 +4310,7 @@ to workaround the limit on the length of strings. Put all of your JSON on one li
OMA-URI:
```
-./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Extensions/ManagedBoomarksOneLine
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/ManagedBookmarksOneLine
```
Value (string):
```
@@ -5474,7 +5522,7 @@ to workaround the limit on the length of strings. Put all of your JSON on one li
OMA-URI:
```
-./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Extensions/PreferencesOneLine
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/PreferencesOneLine
```
Value (string):
```
@@ -5964,17 +6012,17 @@ or
### SanitizeOnShutdown (Selective)
Clear data on shutdown.
-Note: Starting with Firefox 128, History clears FormData and Downloads as well.
+Note: Starting with Firefox 136, FormData and History have been separated again.
`Cache`
`Cookies`
-`Downloads` Download History (*Deprecated*)
+`Downloads` Download History (*Deprecated - part of History*)
-`FormData` Form & Search History (*Deprecated*)
+`FormData` Form History
-`History` Browsing History, Download History, Form & Search History.
+`History` Browsing History, Download History
`Sessions` Active Logins
@@ -5986,12 +6034,13 @@ Note: Starting with Firefox 128, History clears FormData and Downloads as well.
**Compatibility:** Firefox 68, Firefox ESR 68 (Locked added in 74/68.6, History update in Firefox 128)\
**CCK2 Equivalent:** N/A\
-**Preferences Affected:** `privacy.sanitize.sanitizeOnShutdown`, `privacy.clearOnShutdown.cache`, `privacy.clearOnShutdown.cookies`, `privacy.clearOnShutdown.downloads`, `privacy.clearOnShutdown.formdata`, `privacy.clearOnShutdown.history`, `privacy.clearOnShutdown.sessions`, `privacy.clearOnShutdown.siteSettings`, `privacy.clearOnShutdown.offlineApps`, `privacy.clearOnShutdown_v2.historyFormDataAndDownloads` (Firefox 128), `privacy.clearOnShutdown_v2.cookiesAndStorage` (Firefox 128), `privacy.clearOnShutdown_v2.cache` (Firefox 128), `privacy.clearOnShutdown_v2.siteSettings` (Firefox 128)
+**Preferences Affected:** `privacy.sanitize.sanitizeOnShutdown`, `privacy.clearOnShutdown.cache`, `privacy.clearOnShutdown.cookies`, `privacy.clearOnShutdown.downloads`, `privacy.clearOnShutdown.formdata`, `privacy.clearOnShutdown.history`, `privacy.clearOnShutdown.sessions`, `privacy.clearOnShutdown.siteSettings`, `privacy.clearOnShutdown.offlineApps`, `privacy.clearOnShutdown_v2.historyFormDataAndDownloads` (Firefox 128), `privacy.clearOnShutdown_v2.cookiesAndStorage` (Firefox 128), `privacy.clearOnShutdown_v2.cache` (Firefox 128), `privacy.clearOnShutdown_v2.siteSettings` (Firefox 128), `privacy.clearOnShutdown_v2.formdata` (Firefox 128)
#### Windows (GPO)
```
Software\Policies\Mozilla\Firefox\SanitizeOnShutdown\Cache = 0x1 | 0x0
Software\Policies\Mozilla\Firefox\SanitizeOnShutdown\Cookies = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\SanitizeOnShutdown\FormData = 0x1 | 0x0
Software\Policies\Mozilla\Firefox\SanitizeOnShutdown\History = 0x1 | 0x0
Software\Policies\Mozilla\Firefox\SanitizeOnShutdown\Sessions = 0x1 | 0x0
Software\Policies\Mozilla\Firefox\SanitizeOnShutdown\SiteSettings = 0x1 | 0x0
@@ -6016,6 +6065,14 @@ Value (string):
```
OMA-URI:
```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~SanitizeOnShutdown/E_SanitizeOnShutdown_FormData
+```
+Value (string):
+```
+ or
+```
+OMA-URI:
+```
./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~SanitizeOnShutdown/E_SanitizeOnShutdown_History
```
Value (string):
@@ -6055,6 +6112,8 @@ Value (string):
|
Cookies
|
+ FormData
+ |
History
|
Sessions
@@ -6073,6 +6132,7 @@ Value (string):
"SanitizeOnShutdown": {
"Cache": true | false,
"Cookies": true | false,
+ "FormData": true | false,
"History": true | false,
"Sessions": true | false,
"SiteSettings": true | false,
@@ -6082,7 +6142,7 @@ Value (string):
}
```
### SanitizeOnShutdown (All)
-Clear all data on shutdown, including Browsing & Download History, Cookies, Active Logins, Cache, Form & Search History, Site Preferences and Offline Website Data.
+Clear all data on shutdown, including Browsing & Download History, Cookies, Active Logins, Cache, Form History, Site Preferences and Offline Website Data.
**Compatibility:** Firefox 60, Firefox ESR 60\
**CCK2 Equivalent:** N/A\
@@ -6784,6 +6844,8 @@ Prevent Firefox from messaging the user in certain situations.
`FirefoxLabs` If false, don't show the "Firefox Labs" section in Preferences. (Firefox 130.0.1)
+Note: Firefox Labs is now controlled by Nimbus, our testing platform, so disabling telemetry also disables Firefox Labs.
+
`Locked` prevents the user from changing user messaging preferences.
**Compatibility:** Firefox 75, Firefox ESR 68.7\
@@ -6930,7 +6992,7 @@ to workaround the limit on the length of strings. Put all of your JSON on one li
OMA-URI:
```
-./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Extensions/WebsiteFilterOneLine
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/WebsiteFilterOneLine
```
Value (string):
```
diff --git a/windows/de-DE/firefox.adml b/windows/de-DE/firefox.adml
index 1d1c295..d0fe6a1 100644
--- a/windows/de-DE/firefox.adml
+++ b/windows/de-DE/firefox.adml
@@ -1,5 +1,5 @@
-
+
@@ -76,6 +76,8 @@
Firefox 130 oder höher
Firefox 131 oder höher, Firefox 128.3 ESR oder höhe
Firefox 137 oder höher
+ Firefox 138 oder höher
+ Firefox 138 oder höher, Firefox 128.10 ESR oder höhe
Firefox
Berechtigungen
Kamera
@@ -105,6 +107,8 @@
Firefox Suggest (nur USA)
Verhinderung von Datenverlust (DLP)
Abfangpunkte
+ Zwischenablage
+ Drag-and-Drop
Erlaubte Seiten
Erlaubte Seiten (Session Only)
Gesperrte Seiten
@@ -897,6 +901,9 @@ Wenn diese Richtlinieneinstellung aktiviert oder nicht konfiguriert ist, können
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
+ TLS_CHACHA20_POLY1305_SHA256
+ TLS_AES_128_GCM_SHA256
+ TLS_AES_256_GCM_SHA384
Wenn diese Richtlinieneinstellung aktiviert ist, ist die ausgewählte Verschlüsselung deaktiviert.
Wenn diese Richtlinieneinstellung deaktiviert ist, ist der ausgewählte Verschlüsselung aktiviert.
@@ -1191,14 +1198,22 @@ Wenn diese Richtlinieneinstellung deaktiviert oder nicht konfiguriert ist, wird
Wenn diese Richtlinieneinstellung deaktiviert ist, zeigt Firefox keine Benachrichtigung an, wenn eine DLP-Anfrage abgelehnt wird.
Wenn diese Richtlinieneinstellung aktiviert oder nicht konfiguriert ist, zeigt Firefox eine Benachrichtigung an, wenn eine DLP-Anfrage abgelehnt wird.
- Zwischenablage
+ Aktiviert
Wenn diese Richtlinieneinstellung deaktiviert ist, wird bei Vorgängen in der Zwischenablage kein DLP verwendet.
Wenn diese Richtlinieneinstellung aktiviert oder nicht konfiguriert ist, wird bei Vorgängen in der Zwischenablage DLP verwendet.
- Drag-and-Drop
+ Plain Text Only
+ If this policy is disabled, all formats will be analyzed on the clipboard, which some DLP agents may not expect.
+
+If this policy is enabled or not configured, only the text/plain format will be analyzed on the clipboard.
+ Aktiviert
Wenn diese Richtlinieneinstellung deaktiviert ist, wird bei Drag-and-Drop-Vorgängen kein DLP verwendet.
Wenn diese Richtlinieneinstellung aktiviert oder nicht konfiguriert ist, verwenden Drag-and-Drop-Vorgänge DLP.
+ Plain Text Only
+ If this policy is disabled, all formats will be analyzed in what is being dropped, which some DLP agents may not expect.
+
+If this policy is enabled or not configured, only the text/plain format will be analyzed in what is being dropped.
Datei-Upload
Wenn diese Richtlinieneinstellung deaktiviert ist, wird bei Datei-Upload-Vorgängen kein DLP verwendet.
@@ -1207,6 +1222,10 @@ Wenn diese Richtlinieneinstellung aktiviert oder nicht konfiguriert ist, wird be
Wenn diese Richtlinieneinstellung deaktiviert ist, wird bei Druckvorgängen kein DLP verwendet.
Wenn diese Richtlinieneinstellung aktiviert oder nicht konfiguriert ist, wird bei Druckvorgängen DLP verwendet.
+ Timeout Result
+ If this policy is enabled, you can indicate the desired behavior for DLP requests if the DLP agent does not respond to a request in less than AgentTimeout seconds.
+
+If this policy is disabled or not configured, the request will be denied.
Wenn diese Richtlinieneinstellung aktiviert ist, ist die Einstellung auf true gesperrt. Wenn diese Richtlinieneinstellung deaktiviert ist, ist die Einstellung auf false gesperrt.
Für eine Beschreibung der Einstellung, siehe:
@@ -1582,6 +1601,9 @@ https://github.com/mozilla/policy-templates/blob/master/README.md#preferences (E
+
+
+
diff --git a/windows/en-US/firefox.adml b/windows/en-US/firefox.adml
index 0033bbd..34f8917 100644
--- a/windows/en-US/firefox.adml
+++ b/windows/en-US/firefox.adml
@@ -1,5 +1,5 @@
-
+
@@ -76,6 +76,8 @@
Firefox 130 or later
Firefox 131 or later, Firefox 128.3 ESR or later
Firefox 137 or later
+ Firefox 138 or later
+ Firefox 138, Firefox 128.10 ESR
Firefox
Permissions
Camera
@@ -105,6 +107,8 @@
Firefox Suggest (US only)
Content Analysis (DLP)
Interception Points
+ Clipboard
+ Drag And Drop
Allowed Sites
Allowed Sites (Session Only)
Blocked Sites
@@ -897,6 +901,9 @@ If this policy is enabled or not configured, user messaging preferences cannot b
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
+ TLS_CHACHA20_POLY1305_SHA256
+ TLS_AES_128_GCM_SHA256
+ TLS_AES_256_GCM_SHA384
If this policy is enabled, the corresponding cipher is disabled.
If this policy is disabled, the corresponding cipher is enabled.
@@ -1185,14 +1192,22 @@ If this policy is disabled or not configured, the default pipe name of 'path_use
If this policy is disabled, Firefox will not show a notification when a DLP request is denied.
If this policy is enabled or not configured, Firefox will show a notification when a DLP request is denied.
- Clipboard
+ Enabled
If this policy is disabled, clipboard operations will not use DLP.
If this policy is enabled or not configured, clipboard operations will use DLP.
- Drag And Drop
+ Plain Text Only
+ If this policy is disabled, all formats will be analyzed on the clipboard, which some DLP agents may not expect.
+
+If this policy is enabled or not configured, only the text/plain format will be analyzed on the clipboard.
+ Enabled
If this policy is disabled, drag and drop operations will not use DLP.
If this policy is enabled or not configured, drag and drop operations will use DLP.
+ Plain Text Only
+ If this policy is disabled, all formats will be analyzed in what is being dropped, which some DLP agents may not expect.
+
+If this policy is enabled or not configured, only the text/plain format will be analyzed in what is being dropped.
File Upload
If this policy is disabled, file upload operations will not use DLP.
@@ -1201,6 +1216,10 @@ If this policy is enabled or not configured, file upload operations will use DLP
If this policy is disabled, print operations will not use DLP.
If this policy is enabled or not configured, print operations will use DLP.
+ Timeout Result
+ If this policy is enabled, you can indicate the desired behavior for DLP requests if the DLP agent does not respond to a request in less than AgentTimeout seconds.
+
+If this policy is disabled or not configured, the request will be denied.
If this policy is enabled, the preference is locked to true. If this policy is disabled, the preference is locked to false.
For a description of the preference, see:
@@ -1579,6 +1598,9 @@ https://github.com/mozilla/policy-templates/blob/master/README.md#preferences.
+
+
+
diff --git a/windows/firefox.admx b/windows/firefox.admx
index 83d29c0..4b9a888 100644
--- a/windows/firefox.admx
+++ b/windows/firefox.admx
@@ -1,10 +1,10 @@
-
+
-
+
@@ -78,6 +78,7 @@
+
@@ -177,6 +178,12 @@
+
+
+
+
+
+
@@ -3892,6 +3899,36 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
@@ -4314,28 +4351,28 @@
-
+
-
+
-
+
-
+
@@ -4345,14 +4382,14 @@
-
+
-
+
-
@@ -4375,14 +4412,14 @@
-
+
-
+
@@ -4392,7 +4429,7 @@
-
+
@@ -4402,14 +4439,14 @@
-
+
-
+
@@ -4418,8 +4455,18 @@
-
-
+
+
+
+
+
+
+
+
+
+
+
+
@@ -4428,8 +4475,18 @@
-
-
+
+
+
+
+
+
+
+
+
+
+
+
@@ -4439,7 +4496,7 @@
-
+
@@ -4449,7 +4506,7 @@
-
+
@@ -4457,5 +4514,27 @@
-
+
+
+
+
+
+ -
+
+
+
+
+ -
+
+
+
+
+ -
+
+
+
+
+
+
+
diff --git a/windows/fr-FR/firefox.adml b/windows/fr-FR/firefox.adml
index c6f25ee..30ca46e 100644
--- a/windows/fr-FR/firefox.adml
+++ b/windows/fr-FR/firefox.adml
@@ -1,5 +1,5 @@
-
+
@@ -76,6 +76,8 @@
Firefox 130 ou supérieur
Firefox 131 ou supérieur, Firefox 128.3 ESR ou supérieur
Firefox 137 ou supérieur
+ Firefox 138 ou supérieur
+ Firefox 138 ou supérieur, Firefox 128.10 ESR ou supérieur
Firefox
Permissions
Caméra
@@ -105,6 +107,8 @@
Firefox Suggest (US seulement)
Content Analysis (DLP)
Interception Points
+ Clipboard
+ Drag And Drop
Sites autorisés
Sites autorisés (Session seulement)
Sites bloqués
@@ -897,6 +901,9 @@ Si cette stratégie est activée ou non configurée, les préférences de messag
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
+ TLS_CHACHA20_POLY1305_SHA256
+ TLS_AES_128_GCM_SHA256
+ TLS_AES_256_GCM_SHA384
Si cette stratégie est activée, le chiffrement correspondant est désactivé.
Si cette stratégie est désactivée, le chiffrement correspondant est activé.
@@ -1185,14 +1192,22 @@ If this policy is disabled or not configured, the default pipe name of 'path_use
If this policy is disabled, Firefox will not show a notification when a DLP request is denied.
If this policy is enabled or not configured, Firefox will show a notification when a DLP request is denied.
- Clipboard
+ Enabled
If this policy is disabled, clipboard operations will not use DLP.
If this policy is enabled or not configured, clipboard operations will use DLP.
- Drag And Drop
+ Plain Text Only
+ If this policy is disabled, all formats will be analyzed on the clipboard, which some DLP agents may not expect.
+
+If this policy is enabled or not configured, only the text/plain format will be analyzed on the clipboard.
+ Enabled
If this policy is disabled, drag and drop operations will not use DLP.
If this policy is enabled or not configured, drag and drop operations will use DLP.
+ Plain Text Only
+ If this policy is disabled, all formats will be analyzed in what is being dropped, which some DLP agents may not expect.
+
+If this policy is enabled or not configured, only the text/plain format will be analyzed in what is being dropped.
File Upload
If this policy is disabled, file upload operations will not use DLP.
@@ -1201,6 +1216,10 @@ If this policy is enabled or not configured, file upload operations will use DLP
If this policy is disabled, print operations will not use DLP.
If this policy is enabled or not configured, print operations will use DLP.
+ Timeout Result
+ If this policy is enabled, you can indicate the desired behavior for DLP requests if the DLP agent does not respond to a request in less than AgentTimeout seconds.
+
+If this policy is disabled or not configured, the request will be denied.
Si cette stratégie est activée, la préférence est verrouillée sur "true". Si cette stratégie est désactivée, la préférence est verrouillée sur "false".
Pour une description de la préférence, consultez :
@@ -1579,6 +1598,9 @@ https://github.com/mozilla/policy-templates/blob/master/README.md#preferences.
+
+
+
diff --git a/windows/ru-RU/firefox.adml b/windows/ru-RU/firefox.adml
index 57f753f..e7520c7 100644
--- a/windows/ru-RU/firefox.adml
+++ b/windows/ru-RU/firefox.adml
@@ -1,5 +1,5 @@
-
+
@@ -77,6 +77,8 @@
Firefox 130 или более поздние веÑÑии
Firefox 131 или более поздние веÑÑии, Firefox 128.3 ESR или более поздние веÑÑии
Firefox 137 или более поздние веÑÑии
+ Firefox 138 или более поздние веÑÑии
+ Firefox 138 или более поздние веÑÑии, Firefox 128.10 ESR или более поздние веÑÑии
Firefox
РазÑеÑениÑ
ÐамеÑа
@@ -106,6 +108,8 @@
Firefox Suggest (US only)
Content Analysis (DLP)
Interception Points
+ Clipboard
+ Drag And Drop
РазÑеÑÑннÑе ÑайÑÑ
РазÑеÑÑннÑе ÑайÑÑ (Session Only)
ÐаблокиÑованнÑе ÑайÑÑ
@@ -900,6 +904,9 @@ Mozilla ÑекомендÑÐµÑ Ð½Ðµ оÑклÑÑаÑÑ ÑелемеÑÑиÑ. Ð
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
+ TLS_CHACHA20_POLY1305_SHA256
+ TLS_AES_128_GCM_SHA256
+ TLS_AES_256_GCM_SHA384
ÐÑли ÑÑа полиÑика вклÑÑена, ÑооÑвеÑÑÑвÑÑÑий ÑиÑÑ Ð¾ÑклÑÑен.
ÐÑли ÑÑа полиÑика оÑклÑÑена, ÑооÑвеÑÑÑвÑÑÑий ÑиÑÑ Ð²ÐºÐ»ÑÑен.
@@ -1188,14 +1195,22 @@ If this policy is disabled or not configured, the default pipe name of 'path_use
If this policy is disabled, Firefox will not show a notification when a DLP request is denied.
If this policy is enabled or not configured, Firefox will show a notification when a DLP request is denied.
- Clipboard
+ Enabled
If this policy is disabled, clipboard operations will not use DLP.
If this policy is enabled or not configured, clipboard operations will use DLP.
- Drag And Drop
+ Plain Text Only
+ If this policy is disabled, all formats will be analyzed on the clipboard, which some DLP agents may not expect.
+
+If this policy is enabled or not configured, only the text/plain format will be analyzed on the clipboard.
+ Enabled
If this policy is disabled, drag and drop operations will not use DLP.
If this policy is enabled or not configured, drag and drop operations will use DLP.
+ Plain Text Only
+ If this policy is disabled, all formats will be analyzed in what is being dropped, which some DLP agents may not expect.
+
+If this policy is enabled or not configured, only the text/plain format will be analyzed in what is being dropped.
File Upload
If this policy is disabled, file upload operations will not use DLP.
@@ -1204,6 +1219,10 @@ If this policy is enabled or not configured, file upload operations will use DLP
If this policy is disabled, print operations will not use DLP.
If this policy is enabled or not configured, print operations will use DLP.
+ Timeout Result
+ If this policy is enabled, you can indicate the desired behavior for DLP requests if the DLP agent does not respond to a request in less than AgentTimeout seconds.
+
+If this policy is disabled or not configured, the request will be denied.
ÐÑли ÑÑа полиÑика вклÑÑена, пÑедпоÑÑение заблокиÑовано на true. ÐÑли ÑÑа полиÑика оÑклÑÑена, пÑедпоÑÑение заблокиÑовано на false.
ÐпиÑание пÑедпоÑÑÐµÐ½Ð¸Ñ Ñм.:
@@ -1582,6 +1601,9 @@ https://github.com/mozilla/policy-templates/blob/master/README.md#preferences.
+
+
+