From b06395a01a8b538676599667c571d4c3778c95ef Mon Sep 17 00:00:00 2001
From: Michael Kaply <345868+mkaply@users.noreply.github.com>
Date: Wed, 8 Dec 2021 15:38:38 -0600
Subject: [PATCH] Add support for new Cookie Behavior policy
---
README.md | 51 ++++++++++++++++++++---
mac/org.mozilla.firefox.plist | 10 +----
windows/de-DE/firefox.adml | 20 +++++++++
windows/en-US/firefox.adml | 30 +++++++++++---
windows/es-ES/firefox.adml | 20 +++++++++
windows/firefox.admx | 76 +++++++++++++++++++++++++++++++++++
windows/fr-FR/firefox.adml | 20 +++++++++
windows/it-IT/firefox.adml | 20 +++++++++
windows/ru-RU/firefox.adml | 42 ++++++++++++++-----
windows/zh-CN/firefox.adml | 34 ++++++++++++----
windows/zh-TW/firefox.adml | 20 +++++++++
11 files changed, 305 insertions(+), 38 deletions(-)
diff --git a/README.md b/README.md
index d9bc93b..acf671d 100644
--- a/README.md
+++ b/README.md
@@ -891,19 +891,32 @@ Configure cookie preferences.
`Block` is a list of origins (not domains) where cookies are always blocked. You must include http or https.
-`Default` determines whether cookies are accepted at all.
+`Behavior` sets the default behavior for cookies based on the values below.
-`AcceptThirdParty` determines how third-party cookies are handled.
+`BehaviorPrivateBrowsing` sets the default behavior for cookies in private browsing based on the values below.
+
+| Value | Description
+| --- | ---
+| accept | Accept all cookies
+| reject-foreign | Reject third party cookies
+| reject | Reject all cookies
+| limit-foreign | Reject third party cookies for sites you haven't visited
+| reject-tracker | Reject cookies for known trackers (default)
+| reject-tracker-and-partition-foreign | Reject cookies for known trackers and partition third-party cookies (Total Cookie Protection) (default for private browsing)
+
+`Default` (Deprecated) determines whether cookies are accepted at all.
+
+`AcceptThirdParty` (Deprecated) determines how third-party cookies are handled.
`ExpireAtSessionEnd` determines when cookies expire.
-`RejectTracker` only rejects cookies for trackers.
+`RejectTracker` (Deprecated) only rejects cookies for trackers.
`Locked` prevents the user from changing cookie preferences.
-**Compatibility:** Firefox 60, Firefox ESR 60 (RejectTracker added in Firefox 63, AllowSession added in Firefox 79/78.1)\
+**Compatibility:** Firefox 60, Firefox ESR 60 (RejectTracker added in Firefox 63, AllowSession added in Firefox 79/78.1, Behavior added in Firefox 95/91.4)\
**CCK2 Equivalent:** N/A\
-**Preferences Affected:** `network.cookie.cookieBehavior`, `network.cookie.lifetimePolicy`
+**Preferences Affected:** `network.cookie.cookieBehavior`, `network.cookie.cookieBehavior.pbmode`, `network.cookie.lifetimePolicy`
#### Windows (GPO)
```
@@ -914,6 +927,8 @@ Software\Policies\Mozilla\Firefox\Cookies\Default = 0x1 | 0x0
Software\Policies\Mozilla\Firefox\Cookies\AcceptThirdParty = "always" | "never" | "from-visited"
Software\Policies\Mozilla\Firefox\Cookies\ExpireAtSessionEnd = 0x1 | 0x0
Software\Policies\Mozilla\Firefox\Cookies\RejectTracker = 0x1 | 0x0
+Software\Policies\Mozilla\Firefox\Cookies\Behavior = "accept" | "reject-foreign" | "reject" | "limit-foreign" | "reject-tracker" | "reject-tracker-and-partition-foreign"
+Software\Policies\Mozilla\Firefox\Cookies\BehaviorPrivateBrowsing = "accept" | "reject-foreign" | "reject" | "limit-foreign" | "reject-tracker" | "reject-tracker-and-partition-foreign"
Software\Policies\Mozilla\Firefox\Cookies\Locked = 0x1 | 0x0
```
#### Windows (Intune)
@@ -985,6 +1000,24 @@ Value (string):
```
or
```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Cookies/Cookies_Behavior
+```
+Value (string):
+```
+
+
+```
+OMA-URI:
+```
+./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox~Cookies/Cookies_BehaviorPrivateBrowsing
+```
+Value (string):
+```
+
+
+```
#### macOS
```
@@ -1012,6 +1045,10 @@ Value (string):
|
Locked
|
+ Behavior
+ accept | reject-foreign | reject | limit-foreign | reject-tracker | reject-tracker-and-partition-foreign
+ BehaviorPrivateBrowsing
+ accept | reject-foreign | reject | limit-foreign | reject-tracker | reject-tracker-and-partition-foreign
```
@@ -1027,7 +1064,9 @@ Value (string):
"AcceptThirdParty": "always" | "never" | "from-visited",
"ExpireAtSessionEnd": true | false,
"RejectTracker": true | false,
- "Locked": true | false
+ "Locked": true | false,
+ "Behavior": "accept" | "reject-foreign" | "reject" | "limit-foreign" | "reject-tracker" | "reject-tracker-and-partition-foreign",
+ "BehaviorPrivateBrowsing": "accept" | "reject-foreign" | "reject" | "limit-foreign" | "reject-tracker" | "reject-tracker-and-partition-foreign",
}
}
}
diff --git a/mac/org.mozilla.firefox.plist b/mac/org.mozilla.firefox.plist
index 733afeb..1ad8bc6 100644
--- a/mac/org.mozilla.firefox.plist
+++ b/mac/org.mozilla.firefox.plist
@@ -118,14 +118,8 @@
https://www.example.edu/
- Default
-
- AcceptThirdParty
- never
- ExpireAtSessionEnd
-
- RejectTracker
-
+ Behavior
+ limit-foreign
Locked
diff --git a/windows/de-DE/firefox.adml b/windows/de-DE/firefox.adml
index 1c4bc26..8d60782 100644
--- a/windows/de-DE/firefox.adml
+++ b/windows/de-DE/firefox.adml
@@ -394,6 +394,20 @@ Diese Einstellung wird ignoriert wenn diese Richtlinieneinstellung deaktiviert o
Wenn Sie die Richtlinieneinstellung aktivieren können Benutzer die Cookie-Einstellungen nicht ändern.
Wenn Sie die Richtlinieneinstellung deaktivieren oder nicht konfigurieren, können Benutzer die Cookie-Einstellungen ändern.
+ Cookie Behavior
+ If this policy is enabled, you can configure cookie behavior.
+
+If this policy is not configured or disabled, cookies are rejected for known trackers.
+ Cookie Behavior in private browsing
+ If this policy is enabled, you can configure cookie behavior in private browsing.
+
+If this policy is not configured or disabled, in private browsing, cookies are rejected for known trackers and third-party cookies are partitioned.
+ Accept all cookies
+ Reject third party cookies
+ Reject all cookies
+ Reject third party cookies for sites you haven't visited
+ Reject cookies for known trackers
+ Reject cookies for known trackers and partition third-party cookies (Total Cookie Protection)
Wenn diese Richtlinieneinstellung aktiviert ist, wird die Kamera für die genannten Quellen automatisch freigegeben.
Wenn diese Richtlinieneinstellung deaktiviert oder nicht konfiguriert ist, wird die Standardeinstellung befolgt.
@@ -987,6 +1001,12 @@ https://github.com/mozilla/policy-templates/blob/master/README.md#preferences (E
+
+
+
+
+
+
diff --git a/windows/en-US/firefox.adml b/windows/en-US/firefox.adml
index d279adc..f4e0f83 100644
--- a/windows/en-US/firefox.adml
+++ b/windows/en-US/firefox.adml
@@ -371,11 +371,11 @@ If this policy is disabled or not configured, the default cookie policy is follo
If this policy is enabled, cookies are blocked for the origins indicated. If a top level domain is specified (http://example.org), cookies are blocked from all subdomains as well.
If this policy is disabled or not configured, cookies are not blocked by default.
- Accept cookies from websites
+ Accept cookies from websites (Deprecated)
If this policy is disabled, cookies are not accepted from websites by default.
If this policy is not configured or enabled, cookies are accepted from websites.
- Accept third-party cookies
+ Accept third-party cookies (Deprecated)
If this policy is enabled and cookies are allowed, you can set when to accept third-party cookies.
This setting is ignored if this policy is disabled or not configured or if cookies are not allowed.
@@ -386,14 +386,26 @@ This setting is ignored if this policy is disabled or not configured or if cooki
If this policy is enabled and cookies are allowed, they will expire when Firefox is closed.
This setting is ignored if this policy is disabled or not configured or if cookies are not allowed.
- Reject trackers
+ Reject trackers (Deprecated)
If this policy is enabled and cookies are allowed, Firefox will reject tracker cookies by default.
This setting is ignored if this policy is disabled or not configured or if cookies are not allowed.
Do not allow preferences to be changed
- If this policy is enabled, cookie preferences cannot be changed by the user.
-
-If this policy is disabled or not configured, the user can change their cookie preferences.
+ If this policy is enabled, cookie preferences cannot be changed by the user.
+ Cookie Behavior
+ If this policy is enabled, you can configure cookie behavior.
+
+If this policy is not configured or disabled, cookies are rejected for known trackers.
+ Cookie Behavior in private browsing
+ If this policy is enabled, you can configure cookie behavior in private browsing.
+
+If this policy is not configured or disabled, in private browsing, cookies are rejected for known trackers and third-party cookies are partitioned.
+ Accept all cookies
+ Reject third party cookies
+ Reject all cookies
+ Reject third party cookies for sites you haven't visited
+ Reject cookies for known trackers
+ Reject cookies for known trackers and partition third-party cookies (Total Cookie Protection)
If this policy is enabled, access to the camera is always allowed for the origins indicated.
If this policy is disabled or not configured, the default camera policy is followed.
@@ -986,6 +998,12 @@ https://github.com/mozilla/policy-templates/blob/master/README.md#preferences.
+
+
+
+
+
+
diff --git a/windows/es-ES/firefox.adml b/windows/es-ES/firefox.adml
index c7a8b12..4c8a537 100644
--- a/windows/es-ES/firefox.adml
+++ b/windows/es-ES/firefox.adml
@@ -394,6 +394,20 @@ Esta configuración se ignora si esta polÃtica está deshabilitada o no está c
Si esta polÃtica está habilitada, el usuario no podrá cambiar las preferencias de cookies.
Si esta polÃtica está deshabilitada o no está configurada, el usuario podrá cambiar tus preferencias de cookies.
+ Cookie Behavior
+ If this policy is enabled, you can configure cookie behavior.
+
+If this policy is not configured or disabled, cookies are rejected for known trackers.
+ Cookie Behavior in private browsing
+ If this policy is enabled, you can configure cookie behavior in private browsing.
+
+If this policy is not configured or disabled, in private browsing, cookies are rejected for known trackers and third-party cookies are partitioned.
+ Accept all cookies
+ Reject third party cookies
+ Reject all cookies
+ Reject third party cookies for sites you haven't visited
+ Reject cookies for known trackers
+ Reject cookies for known trackers and partition third-party cookies (Total Cookie Protection)
Si esta polÃtica está habilitada, el acceso a la cámara siempre estará permitido para los orÃgenes indicados.
Si esta polÃtica está deshabilitada o no está configurada, se seguirá la polÃtica de cámara predeterminada.
@@ -986,6 +1000,12 @@ https://github.com/mozilla/policy-templates/blob/master/README.md#preferences
+
+
+
+
+
+
diff --git a/windows/firefox.admx b/windows/firefox.admx
index aea314b..104f75e 100644
--- a/windows/firefox.admx
+++ b/windows/firefox.admx
@@ -381,6 +381,82 @@
+
+
+
+
+
+ -
+
+ accept
+
+
+ -
+
+ reject-foreign
+
+
+ -
+
+ reject
+
+
+ -
+
+ limit-foreign
+
+
+ -
+
+ reject-tracker
+
+
+ -
+
+ reject-tracker-and-partition-foreign
+
+
+
+
+
+
+
+
+
+
+ -
+
+ accept
+
+
+ -
+
+ reject-foreign
+
+
+ -
+
+ reject
+
+
+ -
+
+ limit-foreign
+
+
+ -
+
+ reject-tracker
+
+
+ -
+
+ reject-tracker-and-partition-foreign
+
+
+
+
+
diff --git a/windows/fr-FR/firefox.adml b/windows/fr-FR/firefox.adml
index 8ca32b1..a23203a 100644
--- a/windows/fr-FR/firefox.adml
+++ b/windows/fr-FR/firefox.adml
@@ -394,6 +394,20 @@ Ce paramètre est ignoré si cette stratégie est désactivée ou non configuré
Si cette stratégie est activée, les préférences en matière de cookies ne peuvent pas être modifiées par l'utilisateur.
Si cette stratégie est désactivée ou non configurée, l'utilisateur peut modifier ses préférences en matière de cookies.
+ Cookie Behavior
+ If this policy is enabled, you can configure cookie behavior.
+
+If this policy is not configured or disabled, cookies are rejected for known trackers.
+ Cookie Behavior in private browsing
+ If this policy is enabled, you can configure cookie behavior in private browsing.
+
+If this policy is not configured or disabled, in private browsing, cookies are rejected for known trackers and third-party cookies are partitioned.
+ Accept all cookies
+ Reject third party cookies
+ Reject all cookies
+ Reject third party cookies for sites you haven't visited
+ Reject cookies for known trackers
+ Reject cookies for known trackers and partition third-party cookies (Total Cookie Protection)
Si cette stratégie est activée, l'accès à la caméra est toujours autorisé pour les origines indiquées.
Si cette stratégie est désactivée ou non configurée, la stratégie par défaut de la caméra est appliquée.
@@ -985,6 +999,12 @@ https://github.com/mozilla/policy-templates/blob/master/README.md#preferences
+
+
+
+
+
+
diff --git a/windows/it-IT/firefox.adml b/windows/it-IT/firefox.adml
index 15276cc..02d35bd 100644
--- a/windows/it-IT/firefox.adml
+++ b/windows/it-IT/firefox.adml
@@ -394,6 +394,20 @@ Quest'impostazione è ignorata se questo criterio è disabilitato o non configur
Se questo criterio è abilitato, le preferenze relative ai cookie non possono essere modificate dall'utente.
Se questo criterio è disabilitato o non configurato, l'utente può modificare le preferenze relative ai cookie.
+ Cookie Behavior
+ If this policy is enabled, you can configure cookie behavior.
+
+If this policy is not configured or disabled, cookies are rejected for known trackers.
+ Cookie Behavior in private browsing
+ If this policy is enabled, you can configure cookie behavior in private browsing.
+
+If this policy is not configured or disabled, in private browsing, cookies are rejected for known trackers and third-party cookies are partitioned.
+ Accept all cookies
+ Reject third party cookies
+ Reject all cookies
+ Reject third party cookies for sites you haven't visited
+ Reject cookies for known trackers
+ Reject cookies for known trackers and partition third-party cookies (Total Cookie Protection)
Se questo criterio è abilitato, l'accesso alla fotocamera è sempre consentito per le origini indicate.
Se questo criterio è disabilitato o non configurato verrà seguita la politica predefinita per la fotocamera.
@@ -987,6 +1001,12 @@ https://github.com/mozilla/policy-templates/blob/master/README.md#preferences
+
+
+
+
+
+
diff --git a/windows/ru-RU/firefox.adml b/windows/ru-RU/firefox.adml
index ade9f10..113b2fc 100644
--- a/windows/ru-RU/firefox.adml
+++ b/windows/ru-RU/firefox.adml
@@ -394,6 +394,20 @@ Mozilla ÑекомендÑÐµÑ Ð½Ðµ оÑклÑÑаÑÑ ÑелемеÑÑиÑ. Ð
ÐÑли ÑÑа полиÑика вклÑÑена, полÑзоваÑÐµÐ»Ñ Ð½Ðµ Ð¼Ð¾Ð¶ÐµÑ Ð¸Ð·Ð¼ÐµÐ½Ð¸ÑÑ Ð½Ð°ÑÑÑойки Ñайлов cookie.
ÐÑли ÑÑа полиÑика оÑклÑÑена или не наÑÑÑоена, полÑзоваÑÐµÐ»Ñ Ð¼Ð¾Ð¶ÐµÑ Ð¸Ð·Ð¼ÐµÐ½Ð¸ÑÑ Ñвои наÑÑÑойки Ñайлов cookie.
+ Cookie Behavior
+ If this policy is enabled, you can configure cookie behavior.
+
+If this policy is not configured or disabled, cookies are rejected for known trackers.
+ Cookie Behavior in private browsing
+ If this policy is enabled, you can configure cookie behavior in private browsing.
+
+If this policy is not configured or disabled, in private browsing, cookies are rejected for known trackers and third-party cookies are partitioned.
+ Accept all cookies
+ Reject third party cookies
+ Reject all cookies
+ Reject third party cookies for sites you haven't visited
+ Reject cookies for known trackers
+ Reject cookies for known trackers and partition third-party cookies (Total Cookie Protection)
ÐÑли ÑÑа полиÑика вклÑÑена, доÑÑÑп к камеÑе вÑегда ÑазÑеÑен Ð´Ð»Ñ ÑказаннÑÑ
иÑÑоÑников.
ÐÑли ÑÑа полиÑика оÑклÑÑена или не наÑÑÑоена, пÑименÑеÑÑÑ Ð¿Ð¾Ð»Ð¸Ñика камеÑÑ Ð¿Ð¾ ÑмолÑаниÑ.
@@ -983,17 +997,23 @@ https://github.com/mozilla/policy-templates/blob/master/README.md#preferences. <
-
-
-
-
-
-
-
- Ðе ÑазÑеÑаÑÑ Ð¸Ð·Ð¼ÐµÐ½ÑÑÑ Ð½Ð°ÑÑÑойки заÑиÑÑ Ð¾Ñ Ð¾ÑÑлеживаниÑ.
- ÐлокиÑоваÑÑ ÑкÑипÑÑ Ð¼Ð°Ð¹Ð½Ð¸Ð½Ð³Ð°.
- ÐлокиÑоваÑÑ ÑкÑипÑÑ ÑнÑÑÐ¸Ñ Ð¾ÑпеÑаÑков палÑÑев.
- ÐÑклÑÑениÑ:
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Ðе ÑазÑеÑаÑÑ Ð¸Ð·Ð¼ÐµÐ½ÑÑÑ Ð½Ð°ÑÑÑойки заÑиÑÑ Ð¾Ñ Ð¾ÑÑлеживаниÑ.
+ ÐлокиÑоваÑÑ ÑкÑипÑÑ Ð¼Ð°Ð¹Ð½Ð¸Ð½Ð³Ð°.
+ ÐлокиÑоваÑÑ ÑкÑипÑÑ ÑнÑÑÐ¸Ñ Ð¾ÑпеÑаÑков палÑÑев.
+ ÐÑклÑÑениÑ:
diff --git a/windows/zh-CN/firefox.adml b/windows/zh-CN/firefox.adml
index b114a53..0b4e518 100644
--- a/windows/zh-CN/firefox.adml
+++ b/windows/zh-CN/firefox.adml
@@ -392,6 +392,20 @@ Mozilla 建议æ¨ä¸è¦ç¦ç¨ Telemetryã éè¿ Telemetry æ¶éå°çä¿¡æ¯
è¥å¯ç¨æ¤ååï¼ç¨æ·å°æ æ³è°æ´ Cookie å好设置ã
è¥ç¦ç¨æä¸è®¾å®æ¤ååï¼å使ç¨è
è½å¤èªè¡è°æ´ Cookie å好设å®ã
+ Cookie Behavior
+ If this policy is enabled, you can configure cookie behavior.
+
+If this policy is not configured or disabled, cookies are rejected for known trackers.
+ Cookie Behavior in private browsing
+ If this policy is enabled, you can configure cookie behavior in private browsing.
+
+If this policy is not configured or disabled, in private browsing, cookies are rejected for known trackers and third-party cookies are partitioned.
+ Accept all cookies
+ Reject third party cookies
+ Reject all cookies
+ Reject third party cookies for sites you haven't visited
+ Reject cookies for known trackers
+ Reject cookies for known trackers and partition third-party cookies (Total Cookie Protection)
è¥å¯ç¨æ¤ååï¼å°å
许æå®æ¥æºç½å访é®æå头ã
è¥ç¦ç¨æä¸è®¾å®æ¤ååï¼åä¾å¾ªé¢è®¾æå½±æºååååã
@@ -981,13 +995,19 @@ https://github.com/mozilla/policy-templates/blob/master/README.md#preferencesã
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
ä¸å
许è°æ´è¿½è¸ªä¿æ¤å好设置ã
å°éå å¯è´§å¸éç¿ç¨åºã
å°éæ°ä½æ纹追踪ç¨åºã
diff --git a/windows/zh-TW/firefox.adml b/windows/zh-TW/firefox.adml
index 9495c90..36ed4d6 100644
--- a/windows/zh-TW/firefox.adml
+++ b/windows/zh-TW/firefox.adml
@@ -392,6 +392,20 @@ Mozilla 建è°æ¨ä¸è¦åç¨ Telemetryãéé Telemetry æ¶éå°çè³è¨å¯
è¥åç¨æ¤ååï¼ä½¿ç¨è
å°ç¡æ³èª¿æ´ Cookie å好è¨å®ã
è¥åç¨æä¸è¨å®æ¤ååï¼å使ç¨è
è½å¤ èªè¡èª¿æ´ Cookie å好è¨å®ã
+ Cookie Behavior
+ If this policy is enabled, you can configure cookie behavior.
+
+If this policy is not configured or disabled, cookies are rejected for known trackers.
+ Cookie Behavior in private browsing
+ If this policy is enabled, you can configure cookie behavior in private browsing.
+
+If this policy is not configured or disabled, in private browsing, cookies are rejected for known trackers and third-party cookies are partitioned.
+ Accept all cookies
+ Reject third party cookies
+ Reject all cookies
+ Reject third party cookies for sites you haven't visited
+ Reject cookies for known trackers
+ Reject cookies for known trackers and partition third-party cookies (Total Cookie Protection)
è¥åç¨æ¤ååï¼å°å
許æå®ä¾æºç¶²åååæå½±æ©ã
è¥åç¨æä¸è¨å®æ¤ååï¼åä¾å¾ªé è¨æå½±æ©ååååã
@@ -984,6 +998,12 @@ https://github.com/mozilla/policy-templates/blob/master/README.md#preferencesã
+
+
+
+
+
+
--
2.34.1