[Support] uMatrix

In the dashboard there’s a tab “My rules” with a section “Permanent rules”

* * * block

    • css allow
    • frame block
    • image allow

I am curious about * * frame block. Isn’t this already covered by * * * block?

The idea is that one may want to allow the “all” cell – to quickly unbreak a site), but still keep blocking frames.

I have not had any success finding an explanation of the red & green triangles that appear in the top left corner of some of the rows. Could you please explain them? Thanks.
Otherwise: this is a very useful extension for Chrome! Thank you for writing it.

The matrix cells.

Hi @gorhill
Thank you for a superb addon!
I like it so much I was wondering if it could be added to the new Safari extensions?
All the regular blockers and more are available, but I’d much rather use µMatrix!
Thanks!

Is there a way to collapse subdomains automatically, like on uBlock Origin?

There is a collapse button in the all cell, it will expand/collapse the subdomains for all the domains.

Does regex work with rules ?

Thank you. I eventually found it by myself but forgot to make another post here.

From the uMatrix wiki:

The logic behind referrer spoofing is simpler now: it’s whether the switch referrer spoofing is turned on, and whether the domain of the referrer URL is third-party to the domain of the request URL. Whether the domain of the URL of a request is whitelisted is now irrelevant.

I understand that you prefer to use the whitelist for requests from a domain instead of requests to a domain (like RefControl does), so that it follows the logic of “scopes” applied by the other uMatrix options.

However, have you considered whitelisting requests for both cases: whether the request happens within a whitelisted scope or to a whitelisted scope/domain?

For example, this page and many other websites use Solvemedia captchas, which require a valid referrer. Instead of whitelisting all those websites manually, it would better if whitelisting Solvemedia domains was enough:

referrer-spoof: api.solvemedia.com false
referrer-spoof: solvemedia.com false

The problem with this new proposed behavior is that for referrer-spoofing to occur, both the source and destination site would need to have the referrer-spoofing switch turned on.

This may not seem an issue for when referrer-spoofing is globally turned on, but this becomes one for those working with referrer-spoofing globally turned off, since this would mean that merely turning on referrer-spoofing for the current site would not be enough for the referrer-spoofing to kick in, it would have also be turned on for all the 3rd-party sites used by that site.

1 Like

uMatrix clashes with uBO and causes “Extension Error” randomly. Is there a way to prevent it from causing extension error ?

Hi @gorhill, I would like to work around the known issue of umatrix not parsing “noscript” tags (when all scripts are disabled) by disabling scripts on those problematic sites using chrome inbuilt functionality for blocking javascript.
problem is that chrome reports that Javascript is enabled by an extension and disabling is blocked. Is that a necessity for umatrix? Is there another work around?
BTW, I am amazed by the amount of free support you provide for your free product! Thanks for giving us more powerful vehicle with which to navigate cyber-space!

Why does uMatrix do this? Sometimes the control popup displays too small and I can’t reach parts of it.

Has this thread been abandoned?

Hey @gorhill ,

Thanks for the addon, it’s been incredibly useful. Just had some questions/ideas about uMatrix.

  1. I’ve noticed that in order for bookmarklets to work, first party scripts need to be allowed. I was wondering if there’s any way to allow them to work without enabling first party scripts on every site. Or, if that’s not possible, is it possible to only allow scripts from the top level domain and not subdomains (ex: allow scripts for google.com but not apis.google.com) for all sites?

  2. Something that would be handy would be a way to make shortcuts (perhaps in some sort of drop down menu) that temporarily enable a set of rules. For instance, I don’t want to spend resources loading disqus comments on every site, but if I want to see them temporarily for a specific article, I’d have to unbreak it each time, rather than making a permanent set-and-forget ruleset to always allow the comments. Though I don’t know how much extra complexity such a feature would add.

  3. After unblocking certain resources, is it possible to have them automatically fetched without having to reload the page (which takes a bit of time,) similar to how blocked media in uBlock is automatically requested when the red placeholder is clicked on? Or instead of the refresh button reloading the page the same way the default firefox button does, it functions to just fetch resources that have been unblocked. If it’s possible, it would make unbreaking sites a lot faster.

  4. I use uMatrix for more fine-tuned blocking, and uBlock for cosmetic blocking and the misc features it provides such as media and remote font blocking. The problem with this is that it can get a bit confusing if a static filter in uBlock blocks something, but uMatrix doesn’t show it/allow exceptions directly from its interface. I tried seeing if copying the rules like (no-large-media: * true) into uMatrix would work but it looks like they’re unsupported. The element picker is also a must have. I was just wondering if it’s easy to put these misc uBlock features into uMatrix so it wouldn’t be necessary to use both of them at the same time. Also, I’d suggest including the rest of the lists from uBlock as well (such as EasyList).

  5. The behind-the-scences requests in the logger are great for making sure addons aren’t phoning home. But it only logs when it’s open (for efficiency reasons, I know), and doesn’t (appear) to have a way to save the logs for later viewing. If it’s not too complicated, I’d suggest a ‘recording’ mode (with filtering of course) that will allow it to log when not open and save the logs to a text file, so I can look at the behind-the-scenes requests over a longer period. Because an addon might only phone home every now and then, and thus might not be noticed.

  6. I don’t know if this is possible with github, but a community-edited section in the wiki could help make the documentation more complete (I’d contribute to it,) and let people share useful rulesets and tricks.

Thanks!

Currently impossible to block Javascript on accounts.google.com if one is using UMatrix.

If you resort to blocking Javascript from within the browser itself then simply having UMatrix enabled in the browser breaks that blocking. It does not matter whether UMatrix setting for scripts for accounts.google.com is red or green. The browser will still run the javacript.

The same thing occurs if one removes the javascript blocking from the browser and simply relies on setting in the UMatrix to determine whether javascript for accounts.google.com are allowed or not. The browser still runs the javascript.

If you attempt to login to gmail.com and have enabled blocking of javascript on accounts.google.com and it is working properly, then should see the older style account login for gmail, the one with the rectangular boxes rather than the undelined fields.

It does not. You still get the newer login screen

That is completely false. I explained to you on GitHub, what was happening: the noscript tags a re not rendered when blocking scripts with uMatrix, hence the meta redirection (which sits in a noscript tag) to the old login is not taken. You dismiss completely my explanation to come here to spread disinformation, that’s just the perfect attitude to discourage open source contributor from bothering to keep going.

1 Like

"You dismiss completely my explanation "

I did not dismiss your explanation. I did not understand your explanation on Github and is why I posted a followup reply to that thread. Shortly afterward you closed the Issues portion for the extension on Github.

I found it confusing since other script blocking extensions like ScriptSafe allows Chrome to blocking of the Javascript in the browser.

I also went back to Github to re read your last response but due to you locking out the Issues section for UMatrix I can not see any of the posts there.

Is it possible to get more up-to-date user agent strings built in by default? The old strings cause issues with Facebook (chat/messages seems to be broken for me when I’m using these), and Inbox (by Gmail) is not available on some of them, and you’re forced to move to Gmail because the browser is “too old”.

1 Like