Firefox for Enterprise Support Forum

Hi everyone, I'm trying to standardize the homepage for the browser which enrolled with Intune on MacOS. I have imported the .plist file as below with the preference domain name as "org.mozilla.firefox". After applied, it returned error and nothing has been changed on the browser. Thanks.

<key>Homepage</key> <key>URL</key> <string>http://example.com</string> <key>StartPage</key> <string>homepage</string>

Hello, Qualys is detecting Vulnerabilites on our Firefox ESR 91.12 Versions which were patched by MFSA2022-29.

It is showing Vulnerabilities because MFSA2022-30 lists CVE's for ESR 102.X and we are on 91.12.

Is there anywhere I can go to get a list of all Vulnerabilities on 91.X to show our Security team, I believe CVE-2022-36314 and CVE-2022-2505 are not present in 91.12 because they are not listed in https://www.mozilla.org/en-US/security/advisories/mfsa2022-29/ but need evidence

Thank You,

Hi,

We've GPOs in place for Edge and Chrome that set said browsers on all our Windows endpoints to open downloaded ICA files in Citrix Workspace.

I've imported the firefox.admx and mozilla.admx file along with assocaited .adml files, checked Github, checked through the GPO settings yet cannot figure out how to do the same with Firefox.

Is there a Mozila Firefox for Windows GPO ADMX setting I can use to control the "Firefox>Settings>General>Files and Applications>Applications" section to add "Content type: ica | Action: Use Citrix Workspace"?

Thanking you....

Hello! As you may know, FireFox does not use the Windows Certificate Store by default. Therefore I have to change the "security.enterprise-roots.enabled" in the preferences on each workstation. I have searched and found ways to enforce this change by GPE , but I wonder if there is a way to change firefox preferences, especially the one I've mentioned, via Registry Editor.

Hello, I am trying to customize the Firefox Homepage XML file and need some assistance as to what fields need to modified with the url to set the default homepage. Please let me know if you have any questions. Thanks

<plist version="1.0"> <dict> <key>EnterprisePoliciesEnabled</key> <true/> <key>AllowedDomainsForApps</key> <string>managedfirefox.com,example.com</string> <key>AppAutoUpdate</key> <true/> <key>AppUpdateURL</key> <string>https://www.example.com/update.xml</string> <key>Authentication</key> <dict> <key>SPNEGO</key> <array> <string>mydomain.com</string> <string>https://myotherdomain.com</string> </array> <key>Delegated</key> <array> <string>mydomain.com</string> <string>https://myotherdomain.com</string> </array> <key>NTLM</key> <array> <string>mydomain.com</string> <string>https://myotherdomain.com</string> </array> <key>AllowNonFQDN</key> <dict> <key>SPNEGO</key> <true/> <key>NTLM</key> <true/> </dict> <key>AllowProxies</key> <dict> <key>SPNEGO</key> <true/> <key>NTLM</key> <true/> </dict> <key>PrivateBrowsing</key> <true/> <key>Locked</key> <true/> </dict> <key>AutoLaunchProtocolsFromOrigins</key> <array> <dict> <key>protocol</key> <string>zoommtg</string> <key>allowed_origins</key> <array> <string>https://somesite.zoom.us</string> </array> </dict> </array> <key>BlockAboutAddons</key> <true/> <key>BlockAboutConfig</key> <true/> <key>BlockAboutProfiles</key> <true/> <key>BlockAboutSupport</key> <true/> <key>Bookmarks</key> <array> <dict> <key>Title</key> <string>Example1</string> <key>URL</key> <string>https://www.example.org</string> <key>Favicon</key> <string>https://www.example.org/favicon.ico</string> <key>Placement</key> <string>toolbar</string> <key>Folder</key> <string>Example1Folder</string> </dict> <dict> <key>Title</key> <string>Example2</string> <key>URL</key> <string>https://www.example.com</string> <key>Favicon</key> <string>https://www.example.com/favicon.ico</string> <key>Placement</key> <string>menu</string> <key>Folder</key> <string>Example2Folder</string> </dict> </array> <key>CaptivePortal</key> <false/> <key>Certificates</key> <dict> <key>ImportEnterpriseRoots</key> <true/> <key>Install</key> <array> <string>cert1.der</string> <string>cert2.pem</string> </array> </dict> <key>Cookies</key> <dict> <key>Allow</key> <array> <string>https://www.example.org/</string> </array> <key>Allowsession</key> <array> <string>https://www.example.edu/</string> </array> <key>Block</key> <array> <string>https://www.example.edu/</string> </array> <key>Behavior</key> <string>limit-foreign</string> <key>Locked</key> <true/> </dict> <key>DefaultDownloadDirectory</key> <string>${home}/Downloads</string> <key>DownloadDirectory</key> <string>${home}/Downloads</string> <key>DNSOverHTTPS</key> <dict> <key>Enabled</key> <false/> <key>ProviderURL</key> <string>URL_TO_ALTERNATE_PROVIDER</string> <key>Locked</key> <true/> <key>ExcludedDomains</key> <array> <string>example.com</string> </array> </dict> <key>DisableAppUpdate</key> <true/> <key>DisableBuiltinPDFViewer</key> <true/> <key>DisabledCiphers</key> <dict> <key>TLS_DHE_RSA_WITH_AES_128_CBC_SHA</key> <true/> <key>TLS_DHE_RSA_WITH_AES_256_CBC_SHA</key> <true/> <key>TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA</key> <true/> <key>TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA</key> <true/> <key>TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256</key> <true/> <key>TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256</key> <true/> <key>TLS_RSA_WITH_AES_128_CBC_SHA</key> <true/> <key>TLS_RSA_WITH_AES_256_CBC_SHA</key> <true/> <key>TLS_RSA_WITH_3DES_EDE_CBC_SHA</key> <true/> <key>TLS_RSA_WITH_AES_128_GCM_SHA256</key> <false/> <key>TLS_RSA_WITH_AES_256_GCM_SHA384</key> <false/> </dict> <key>DisableDeveloperTools</key> <true/> <key>DisableFeedbackCommands</key> <true/> <key>DisableFirefoxAccounts</key> <true/> <key>DisableFirefoxScreenshots</key> <true/> <key>DisableFirefoxStudies</key> <true/> <key>DisableForgetButton</key> <true/> <key>DisableFormHistory</key> <true/> <key>DisableMasterPasswordCreation</key> <true/> <key>DisablePasswordReveal</key> <true/> <key>DisablePocket</key> <true/> <key>DisablePrivateBrowsing</key> <true/> <key>DisableProfileImport</key> <true/> <key>DisableProfileRefresh</key> <true/> <key>DisableSafeMode</key> <true/> <key>DisableSecurityBypass</key> <dict> <key>InvalidCertificate</key> <true/> <key>SafeBrowsing</key> <true/> </dict> <key>DisableSetDesktopBackground</key> <true/> <key>DisableSystemAddonUpdate</key> <true/> <key>DisableTelemetry</key> <true/> <key>DisplayBookmarksToolbar</key> <true/> <key>DontCheckDefaultBrowser</key> <true/> <key>EnableTrackingProtection</key> <dict> <key>Value</key> <true/> <key>Locked</key> <true/> <key>Cryptomining</key> <true/> <key>Fingerprinting</key> <true/> <key>Exceptions</key> <array> <string>https://example.com</string> </array> </dict> <key>EncryptedMediaExtensions</key> <dict> <key>Enabled</key> <false/> <key>Locked</key> <false/> </dict> <key>Extensions</key> <dict> <key>Install</key> <array> <string>https://addons.mozilla.org/firefox/downloads/file/1053714/ghostery_privacy_ad_blocker-8.2.4-an+fx.xpi</string> </array> <key>Uninstall</key> <array/> <key>Locked</key> <array> <string>firefox@ghostery.com</string> </array> </dict> <key>ExtensionSettings</key> <dict> <key>*</key> <dict> <key>blocked_install_message</key> <string>Custom error message.</string> <key>install_sources</key> <array> <string>https://addons.mozilla.org/</string> </array> <key>installation_mode</key> <string>blocked</string> </dict> <key>uBlock0@raymondhill.net</key> <dict> <key>installation_mode</key> <string>force_installed</string> <key>install_url</key> <string>https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi</string> </dict> </dict> <key>ExtensionUpdate</key> <false/> <key>FirefoxHome</key> <dict> <key>Search</key> <true/> <key>TopSites</key> <true/> <key>SponsoredTopSites</key> <false/> <key>Highlights</key> <true/> <key>Pocket</key> <false/> <key>SponsoredPocket</key> <false/> <key>Snippets</key> <false/> <key>Locked</key> <true/> </dict> <key>FlashPlugin</key> <dict> <key>Allow</key> <array> <string>https://www.example.com</string> </array> <key>Block</key> <array> <string>https://www.example.org</string> </array> <key>Default</key> <true/> <key>Locked</key> <true/> </dict> <key>Handlers</key> <dict> <key>mimeTypes</key> <dict> <key>application/msword</key> <dict> <key>action</key> <string>useSystemDefault</string> <key>ask</key> <false/> </dict> </dict> <key>schemes</key> <dict> <key>mailto</key> <dict> <key>action</key> <string>useHelperApp</string> <key>ask</key> <false/> <key>handlers</key> <array> <dict> <key>name</key> <string>Gmail</string> <key>uriTemplate</key> <string>https://mail.google.com/mail/?extsrc=mailto&url=%s</string> </dict> </array> </dict> </dict> <key>extensions</key> <dict> <key>pdf</key> <dict> <key>action</key> <string>useHelperApp</string> <key>ask</key> <false/> <key>handlers</key> <array> <dict> <key>name</key> <string>Adobe Acrobat</string> <key>path</key> <string>/System/Applications/Preview.app</string> </dict> </array> </dict> </dict> </dict> <key>HardwareAcceleration</key> <false/> <key>Homepage</key> <dict> <key>URL</key> <string>http://example.com</string> <key>Locked</key> <true/> <key>Additional</key> <array> <string>https://www.example.com/extra-home1.htm</string> <string>https://www.example.com/extra-home2.htm</string> <string>https://www.example.com/extra-home3.htm</string> </array> <key>StartPage</key> <string>homepage</string> </dict> <key>InstallAddonsPermission</key> <dict> <key>Allow</key> <array> <string>https://example.org</string> <string>https://example.edu</string> </array> <key>Default</key> <false/> </dict> <key>LocalFileLinks</key> <array> <string>http://example.org</string> <string>http://example.edu</string> </array> <key>PrimaryPassword</key> <true/> <key>NetworkPrediction</key> <false/> <key>NewTabPage</key> <false/> <key>NoDefaultBookmarks</key> <true/> <key>OfferToSaveLogins</key> <false/> <key>OfferToSaveLoginsDefault</key> <true/> <key>OverrideFirstRunPage</key> <string>https://www.example.com</string> <key>OverridePostUpdatePage</key> <string></string> <key>PasswordManagerEnabled</key> <false/> <key>PDFjs</key> <dict> <key>Enabled</key> <false/> <key>EnablePermissions</key> <false/> </dict> <key>Permissions</key> <dict> <key>Camera</key> <dict> <key>Allow</key> <array> <string>https://example.org</string> </array> <key>Block</key> <array> <string>https://example.edu</string> </array> <key>BlockNewRequests</key> <true/> <key>Locked</key> <true/> </dict> <key>Microphone</key> <dict> <key>Allow</key> <array> <string>https://example.org</string> </array> <key>Block</key> <array> <string>https://example.edu</string> </array> <key>BlockNewRequests</key> <true/> <key>Locked</key> <true/> </dict> <key>Location</key> <dict> <key>Allow</key> <array> <string>https://example.org</string> </array> <key>Block</key> <array> <string>https://example.edu</string> </array> <key>BlockNewRequests</key> <true/> <key>Locked</key> <true/> </dict> <key>Notifications</key> <dict> <key>Allow</key> <array> <string>https://example.org</string> </array> <key>Block</key> <array> <string>https://example.edu</string> </array> <key>BlockNewRequests</key> <true/> <key>Locked</key> <true/> </dict> <key>Autoplay</key> <dict> <key>Allow</key> <array> <string>https://example.org</string> </array> <key>Block</key> <array> <string>https://example.edu</string> </array> <key>Default</key> <string>block-audio</string> <key>Locked</key> <true/> </dict> <key>VirtualReality</key> <dict> <key>Allow</key> <array> <string>https://example.org</string> </array> <key>Block</key> <array> <string>https://example.edu</string> </array> <key>BlockNewRequests</key> <true/> <key>Locked</key> <true/> </dict> </dict> <key>PictureInPicture</key> <dict> <key>Enabled</key> <false/> <key>Locked</key> <true/> </dict> <key>PopupBlocking</key> <dict> <key>Allow</key> <array> <string>https://www.example.org</string> <string>https://www.example.edu</string> </array> <key>Default</key> <true/> <key>Locked</key> <true/> </dict> <key>Preferences</key> <dict> <key>accessibility.force_disabled</key> <dict> <key>Value</key> <integer>1</integer> <key>Status</key> <string>default</string> </dict> <key>browser.cache.disk.parent_directory</key> <dict> <key>Value</key> <string>SOME_NATIVE_PATH</string> <key>Status</key> <string>user</string> </dict> <key>browser.tabs.warnOnClose</key> <dict> <key>Value</key> <false/> <key>Status</key> <string>locked</string> </dict> </dict> <key>Proxy</key> <dict> <key>SocksVersion</key> <string>4</string> <key>Mode</key> <string>manual</string> <key>HTTPProxy</key> <string>proxy.example.com:80</string> <key>Locked</key> <true/> </dict> <key>RequestedLocales</key> <array> <string>de</string> <string>en-US</string> </array> <key>SanitizeOnShutdown</key> <true/> <key>SearchBar</key> <string>separate</string> <key>UserMessaging</key> <dict> <key>WhatsNew</key> <false/> <key>ExtensionRecommendations</key> <false/> <key>FeatureRecommendations</key> <false/> <key>UrlbarInterventions</key> <false/> <key>SkipOnboarding</key> <true/> </dict> <key>WebsiteFilter</key> <dict> <key>Block</key> <array> <string><all_urls></string> </array> <key>Exceptions</key> <array> <string>https://www.google.com/*</string> <string>https://www.yahoo.com/*</string> </array> </dict> <key>SecurityDevices</key> <dict> <key>NAME_OF_DEVICE</key> <string>PATH_TO_LIBRARY_FOR_DEVICE</string> </dict> <key>ShowHomeButton</key> <true/> <key>SSLVersionMin</key> <string>tls1.2</string> <key>SSLVersionMax</key> <string>tls1.3</string> <key>SupportMenu</key> <dict> <key>Title</key> <string>Click here for help</string> <key>URL</key> <string>http://example.edu/</string> <key>AccessKey</key> <string>C</string> </dict> </dict> </plist>

Hello

I'm Bae, and i'm sorry for my poor English.

I want to make my users be able to use seamless single sign on to Microsoft Azure by setting Firefox config with Active Directory group policy.

First, I created the 'user.js' file and wrote 'user_pref("network.negotiate-auth.trusted-uris","https://autologon.microsoftazuread-sso.com");' and 'user_pref("network.negotiate-auth.delegation-uris","https://autologon.microsoftazuread-sso.com");' in it.

Second, I put this user.js file in the Firefox¥Profiles folder (such as xxx.default-release).

Third, I checked that the setting was changed on about:config.

Last, I also checked that I could use seamless single sign on to "www.office.com".

What I want to do is to distribute this user.js file to my domain users (exactly, to users' firefox profiles folder) by group policy. Please tell me how to do.

Or, if there is any way to set 'network.negotiate-auth.trusted-uris' and 'network.negotiate-auth.delegation-uris' without user.js file, such as Firefox group policy template, please tell me which one I should modify.

Thanks.