2024-07-03 18:08:14 +02:00
|
|
|
<!-- @format -->
|
|
|
|
|
2024-02-01 18:48:27 +01:00
|
|
|
# Firefox `policies.json`
|
|
|
|
|
2024-02-12 16:10:51 +01:00
|
|
|
- https://mozilla.github.io/policy-templates/
|
|
|
|
|
2024-02-01 18:48:27 +01:00
|
|
|
The file is pretty self-explanatory, but I prefer Chromium way of handling
|
|
|
|
enterprise policies since it allows me to cut them to multiple different files
|
|
|
|
per whatever I am doing.
|
|
|
|
|
|
|
|
<!-- editorconfig-checker-disable -->
|
|
|
|
<!-- prettier-ignore-start -->
|
|
|
|
|
|
|
|
<!-- START doctoc generated TOC please keep comment here to allow auto update -->
|
|
|
|
<!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->
|
|
|
|
|
|
|
|
- [WARNING TO LIBREWOLF USERS](#warning-to-librewolf-users)
|
2024-05-16 14:03:01 +02:00
|
|
|
- [General warning](#general-warning)
|
2024-02-08 09:15:26 +01:00
|
|
|
- [Extensions](#extensions)
|
2024-05-17 13:28:14 +02:00
|
|
|
- [DuckDuckGo](#duckduckgo)
|
2024-02-08 09:15:26 +01:00
|
|
|
- [Privacy Badger](#privacy-badger)
|
2024-05-14 10:18:26 +02:00
|
|
|
- [Duplicate](#duplicate)
|
2024-02-08 09:15:26 +01:00
|
|
|
- [Search engines](#search-engines)
|
2024-05-13 20:54:05 +02:00
|
|
|
- [Useful looking things for the future](#useful-looking-things-for-the-future)
|
|
|
|
- [Certificate installations](#certificate-installations)
|
2024-05-14 07:49:45 +02:00
|
|
|
- [Things that look useful, but aren't](#things-that-look-useful-but-arent)
|
|
|
|
- [WebSiteFilter](#websitefilter)
|
2024-02-01 18:48:27 +01:00
|
|
|
|
|
|
|
<!-- END doctoc generated TOC please keep comment here to allow auto update -->
|
|
|
|
|
|
|
|
<!-- prettier-ignore-end -->
|
|
|
|
<!-- editorconfig-checker-enable -->
|
|
|
|
|
|
|
|
## WARNING TO LIBREWOLF USERS
|
|
|
|
|
|
|
|
This file takes priority over
|
2024-07-03 18:08:14 +02:00
|
|
|
`/usr/share/librewolf/distribution/policies.json` so don't apply this or a lot
|
|
|
|
of LibreWolf specific customizations stops being in force.
|
2024-02-01 18:48:27 +01:00
|
|
|
|
2024-05-16 14:03:01 +02:00
|
|
|
## General warning
|
|
|
|
|
|
|
|
This is meant for me and devices I maintain for self-dogfooding so there are
|
|
|
|
opinions. Including those Firefox won't accept and will appear as warnings or
|
|
|
|
errors in `about:config` depending on the release channel or even all of them.
|
|
|
|
|
2024-02-08 09:15:26 +01:00
|
|
|
## Extensions
|
|
|
|
|
|
|
|
They are mostly self-explanatory.
|
|
|
|
|
2024-05-17 13:28:14 +02:00
|
|
|
### DuckDuckGo
|
|
|
|
|
|
|
|
- `jid1-ZAdIEUB7XOzOJw@jetpack`
|
|
|
|
|
|
|
|
Although it's not installed, I accidentally learned to manage it to tell it to
|
|
|
|
shut up on install, because I know what is DuckDuckGo.
|
|
|
|
|
2024-02-08 09:15:26 +01:00
|
|
|
### Privacy Badger
|
2024-02-01 18:48:27 +01:00
|
|
|
|
|
|
|
- `jid1-MnnxcxisBPnSXQ-eff@jetpack` - Downloaded directly from EFF.
|
|
|
|
|
|
|
|
Configured to learn locally and also in incognito as opposed to only relying
|
|
|
|
on vendor list. Also not display the "Welcome to Privacy Badger screen".
|
|
|
|
|
|
|
|
See also:
|
|
|
|
|
|
|
|
- https://github.com/EFForg/privacybadger/blob/master/doc/admin-deployment.md
|
|
|
|
- https://github.com/EFForg/privacybadger/blob/master/src/data/schema.json
|
2024-02-08 08:37:06 +01:00
|
|
|
|
2024-05-14 10:18:26 +02:00
|
|
|
#### Duplicate
|
|
|
|
|
|
|
|
```diff
|
|
|
|
- "jid1-MnnxcxisBPnSXQ-eff@jetpack": {
|
|
|
|
- "install_url": "https://www.eff.org/files/privacy-badger-latest.xpi",
|
|
|
|
+ "jid1-MnnxcxisBPnSXQ@jetpack": {
|
|
|
|
+ "install_url": "https://addons.mozilla.org/firefox/downloads/latest/privacy-badger17/latest.xpi",
|
|
|
|
```
|
|
|
|
|
|
|
|
The EFF.org version won't sync and if you sync with unmanaged computer, you
|
|
|
|
will have two PrivacyBadgers. Congratulations?
|
|
|
|
|
2024-02-08 09:15:26 +01:00
|
|
|
## Search engines
|
|
|
|
|
2024-02-08 09:42:34 +01:00
|
|
|
> Policy SearchEngines is only allowed on ESR.
|
|
|
|
|
2024-02-11 12:23:04 +01:00
|
|
|
But who cares? Anyway thus DuckDuckGo extension is installed by default so
|
|
|
|
when testing this policy I won't have to see Google.
|
2024-03-24 07:17:31 +01:00
|
|
|
|
|
|
|
Additionally it's a lie since at least Nightly reads it too without
|
|
|
|
complaining.
|
2024-05-13 20:54:05 +02:00
|
|
|
|
|
|
|
## Useful looking things for the future
|
|
|
|
|
|
|
|
### Certificate installations
|
|
|
|
|
|
|
|
In the `certificates` section
|
|
|
|
|
|
|
|
```json
|
|
|
|
{
|
|
|
|
"Install": ["my_certificate_here.pem"]
|
|
|
|
}
|
|
|
|
```
|
2024-05-14 07:49:45 +02:00
|
|
|
|
|
|
|
## Things that look useful, but aren't
|
|
|
|
|
|
|
|
### WebSiteFilter
|
|
|
|
|
|
|
|
```json
|
|
|
|
{
|
|
|
|
"policies": {
|
|
|
|
"WebsiteFilter": {
|
|
|
|
"Block": ["<all_urls>"],
|
|
|
|
"Exceptions": ["http://example.org/*"]
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
```
|
|
|
|
|
|
|
|
Ok, nice, but my policy is already forcing AdNauseam which enforces my
|
|
|
|
blocklist which is more practical.
|
|
|
|
|
|
|
|
Granted users can use private browsing mode to get past it, but I am not
|
|
|
|
blocking actively malicious domains.
|