Browser Policy Manager: Managing Firefox Policies in Organizations
Browser Policy Manager is an open-source tool for creating, editing, and managing Firefox policy profiles in enterprise environments. The project focuses on the full lifecycle of configurations: from step-by-step setup to version comparisons and exports in JSON or YAML. It supports Firefox ESR 140.9 and Release 149 schemas. Built with FastAPI, SQLAlchemy, Alembic, SQLite, Jinja2, and the Monaco editor for precise technical documentation handling.
In organizations, browsers serve as critical gateways to internal systems, cloud services, and document workflows. Misconfigured policies can lead to vulnerabilities like unauthorized access or data leaks. This tool tackles fragmented settings by providing a unified profile model for all operations.
Policy Profile Lifecycle
The policy profile is the project's core entity. It goes through creation, validation, comparison, archiving, and export stages. Rather than a simple JSON generator, it offers a complete workflow:
- Creation: Step-by-step wizard with Firefox schema validation.
- Editing: Direct JSON access in "Tech Doc" mode using Monaco Editor.
- Comparison: Diff views by settings categories between versions.
- Archiving: Snapshot saves for easy rollbacks.
- Export: Download in JSON or YAML for deployment.
The interface is at /profiles, API at /api/profiles. All views (wizard, editor, viewer) sync with the canonical data model, preventing inconsistencies.
{
"policies": {
"DisableAppUpdate": true,
"Extensions": {
"Install": ["[email protected]"]
}
}
}
Example basic policy in JSON: disabling updates and installing extensions.
Technical Architecture
The stack prioritizes reliability and scalability:
- Backend: FastAPI for APIs, SQLAlchemy + Alembic for database migrations, SQLite as the default store.
- Frontend: Jinja2 for templates, static files with Monaco Editor for JSON editing.
- Validation: Built-in Firefox policy schemas with real-time input checks.
- Localization: Out-of-the-box en/ru support with consistent terminology.
The project avoids fragmentation: wizard changes instantly update the tech doc and API. This streamlines team collaboration—colleagues can just pull diffs or summaries.
For senior developers, the standout feature is API integration: automate profiles via /api/profiles with full CRUD operations and bulk comparisons.
Key Use Cases
- Enterprise Deployment: Generate policies for GPO or MDM systems.
- Configuration Audits: Compare current profiles against baselines.
- Testing: Clone and tweak for staging environments.
- Compliance Checks: Validate against ESR/Release schemas.
Comparison mode highlights changes by category: Extensions, Security, Network, Updates. This speeds up reviews by 50–70% compared to manual JSON parsing.
Key Highlights
- Unified profile model ties together wizard, editor, and API—no data duplication.
- Full validation against official Firefox ESR 140.9 / Release 149 schemas.
- Open-source under MPL 2.0 with ready en/ru localization.
- Laser-focused on Firefox for deep, specialized support.
- Covers the full cycle: creation to archiving and export.
Future Development and Feedback
The project is at a stage where the architecture is flexible for adjustments. Open questions for client security and config management experts:
- Importing existing
policies.jsonfor migrations. - Advanced diff with visual change highlights.
- Support for Chrome/Edge policies.
- Integration with Ansible/Puppet for automation.
The code is ready for forking and contributions. Test in isolated environments before production.
— Editorial Team
No comments yet.