commit fd3c32ffc06af01a6b6e773ac6a243d44265c87b
parent 0c1efe49759aff467d31238ea10851c30bf83315
Author: smayya <smayya@mozilla.com>
Date: Wed, 15 Oct 2025 12:16:29 +0000
Bug 1988152 - support enterprise policy for domain based filtering for LNA. r=necko-reviewers,jesup,mkaply
Differential Revision: https://phabricator.services.mozilla.com/D268264
Diffstat:
3 files changed, 103 insertions(+), 0 deletions(-)
diff --git a/browser/components/enterprisepolicies/Policies.sys.mjs b/browser/components/enterprisepolicies/Policies.sys.mjs
@@ -1867,6 +1867,16 @@ export var Policies = {
);
}
}
+
+ // Handle SkipDomains separately (can be set independently of Enabled)
+ if ("SkipDomains" in param && Array.isArray(param.SkipDomains)) {
+ let skipDomainsValue = param.SkipDomains.join(",");
+ PoliciesUtils.setDefaultPref(
+ "network.lna.skip-domains",
+ skipDomainsValue,
+ param.Locked
+ );
+ }
},
},
diff --git a/browser/components/enterprisepolicies/schemas/policies-schema.json b/browser/components/enterprisepolicies/schemas/policies-schema.json
@@ -1011,6 +1011,12 @@
"EnablePrompting": {
"type": "boolean"
},
+ "SkipDomains": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ }
+ },
"Locked": {
"type": "boolean"
}
diff --git a/browser/components/enterprisepolicies/tests/xpcshell/test_local_network_access.js b/browser/components/enterprisepolicies/tests/xpcshell/test_local_network_access.js
@@ -417,3 +417,90 @@ add_task(async function test_local_network_access_policy_enforcement() {
"Preference should still be locked"
);
});
+
+add_task(async function test_local_network_access_skip_domains() {
+ // Test SkipDomains policy
+ await setupPolicyEngineWithJson({
+ policies: {
+ LocalNetworkAccess: {
+ SkipDomains: ["example.com", "*.local", "localhost"],
+ },
+ },
+ });
+
+ equal(
+ Services.prefs.getCharPref("network.lna.skip-domains"),
+ "example.com,*.local,localhost",
+ "network.lna.skip-domains should be set correctly"
+ );
+
+ equal(
+ Services.prefs.prefIsLocked("network.lna.skip-domains"),
+ false,
+ "network.lna.skip-domains should not be locked when Locked is not specified"
+ );
+});
+
+add_task(async function test_local_network_access_skip_domains_locked() {
+ // Test SkipDomains policy with locking
+ await setupPolicyEngineWithJson({
+ policies: {
+ LocalNetworkAccess: {
+ SkipDomains: ["*.example.com", "server.local"],
+ Locked: true,
+ },
+ },
+ });
+
+ equal(
+ Services.prefs.getCharPref("network.lna.skip-domains"),
+ "*.example.com,server.local",
+ "network.lna.skip-domains should be set correctly"
+ );
+
+ equal(
+ Services.prefs.prefIsLocked("network.lna.skip-domains"),
+ true,
+ "network.lna.skip-domains should be locked when Locked: true is specified"
+ );
+});
+
+add_task(async function test_local_network_access_enabled_with_skip_domains() {
+ // Test combining Enabled with SkipDomains
+ await setupPolicyEngineWithJson({
+ policies: {
+ LocalNetworkAccess: {
+ Enabled: true,
+ SkipDomains: ["*"],
+ },
+ },
+ });
+
+ equal(
+ Services.prefs.getBoolPref("network.lna.enabled"),
+ true,
+ "network.lna.enabled should be true"
+ );
+ equal(
+ Services.prefs.getCharPref("network.lna.skip-domains"),
+ "*",
+ 'network.lna.skip-domains should be "*" to skip all domains'
+ );
+});
+
+add_task(async function test_local_network_access_skip_domains_empty_array() {
+ // Test SkipDomains with empty array
+ await setupPolicyEngineWithJson({
+ policies: {
+ LocalNetworkAccess: {
+ SkipDomains: [],
+ },
+ },
+ });
+
+ equal(
+ Services.prefs.getCharPref("network.lna.skip-domains"),
+ "",
+ "network.lna.skip-domains should be empty string for empty array"
+ );
+});
