[Support] uMatrix

Thank you. I eventually found it by myself but forgot to make another post here.

From the uMatrix wiki:

The logic behind referrer spoofing is simpler now: it’s whether the switch referrer spoofing is turned on, and whether the domain of the referrer URL is third-party to the domain of the request URL. Whether the domain of the URL of a request is whitelisted is now irrelevant.

I understand that you prefer to use the whitelist for requests from a domain instead of requests to a domain (like RefControl does), so that it follows the logic of “scopes” applied by the other uMatrix options.

However, have you considered whitelisting requests for both cases: whether the request happens within a whitelisted scope or to a whitelisted scope/domain?

For example, this page and many other websites use Solvemedia captchas, which require a valid referrer. Instead of whitelisting all those websites manually, it would better if whitelisting Solvemedia domains was enough:

referrer-spoof: api.solvemedia.com false
referrer-spoof: solvemedia.com false

The problem with this new proposed behavior is that for referrer-spoofing to occur, both the source and destination site would need to have the referrer-spoofing switch turned on.

This may not seem an issue for when referrer-spoofing is globally turned on, but this becomes one for those working with referrer-spoofing globally turned off, since this would mean that merely turning on referrer-spoofing for the current site would not be enough for the referrer-spoofing to kick in, it would have also be turned on for all the 3rd-party sites used by that site.

1 Like

uMatrix clashes with uBO and causes “Extension Error” randomly. Is there a way to prevent it from causing extension error ?

Hi @gorhill, I would like to work around the known issue of umatrix not parsing “noscript” tags (when all scripts are disabled) by disabling scripts on those problematic sites using chrome inbuilt functionality for blocking javascript.
problem is that chrome reports that Javascript is enabled by an extension and disabling is blocked. Is that a necessity for umatrix? Is there another work around?
BTW, I am amazed by the amount of free support you provide for your free product! Thanks for giving us more powerful vehicle with which to navigate cyber-space!

Why does uMatrix do this? Sometimes the control popup displays too small and I can’t reach parts of it.

Has this thread been abandoned?

Hey @gorhill ,

Thanks for the addon, it’s been incredibly useful. Just had some questions/ideas about uMatrix.

  1. I’ve noticed that in order for bookmarklets to work, first party scripts need to be allowed. I was wondering if there’s any way to allow them to work without enabling first party scripts on every site. Or, if that’s not possible, is it possible to only allow scripts from the top level domain and not subdomains (ex: allow scripts for google.com but not apis.google.com) for all sites?

  2. Something that would be handy would be a way to make shortcuts (perhaps in some sort of drop down menu) that temporarily enable a set of rules. For instance, I don’t want to spend resources loading disqus comments on every site, but if I want to see them temporarily for a specific article, I’d have to unbreak it each time, rather than making a permanent set-and-forget ruleset to always allow the comments. Though I don’t know how much extra complexity such a feature would add.

  3. After unblocking certain resources, is it possible to have them automatically fetched without having to reload the page (which takes a bit of time,) similar to how blocked media in uBlock is automatically requested when the red placeholder is clicked on? Or instead of the refresh button reloading the page the same way the default firefox button does, it functions to just fetch resources that have been unblocked. If it’s possible, it would make unbreaking sites a lot faster.

  4. I use uMatrix for more fine-tuned blocking, and uBlock for cosmetic blocking and the misc features it provides such as media and remote font blocking. The problem with this is that it can get a bit confusing if a static filter in uBlock blocks something, but uMatrix doesn’t show it/allow exceptions directly from its interface. I tried seeing if copying the rules like (no-large-media: * true) into uMatrix would work but it looks like they’re unsupported. The element picker is also a must have. I was just wondering if it’s easy to put these misc uBlock features into uMatrix so it wouldn’t be necessary to use both of them at the same time. Also, I’d suggest including the rest of the lists from uBlock as well (such as EasyList).

  5. The behind-the-scences requests in the logger are great for making sure addons aren’t phoning home. But it only logs when it’s open (for efficiency reasons, I know), and doesn’t (appear) to have a way to save the logs for later viewing. If it’s not too complicated, I’d suggest a ‘recording’ mode (with filtering of course) that will allow it to log when not open and save the logs to a text file, so I can look at the behind-the-scenes requests over a longer period. Because an addon might only phone home every now and then, and thus might not be noticed.

  6. I don’t know if this is possible with github, but a community-edited section in the wiki could help make the documentation more complete (I’d contribute to it,) and let people share useful rulesets and tricks.


Currently impossible to block Javascript on accounts.google.com if one is using UMatrix.

If you resort to blocking Javascript from within the browser itself then simply having UMatrix enabled in the browser breaks that blocking. It does not matter whether UMatrix setting for scripts for accounts.google.com is red or green. The browser will still run the javacript.

The same thing occurs if one removes the javascript blocking from the browser and simply relies on setting in the UMatrix to determine whether javascript for accounts.google.com are allowed or not. The browser still runs the javascript.

If you attempt to login to gmail.com and have enabled blocking of javascript on accounts.google.com and it is working properly, then should see the older style account login for gmail, the one with the rectangular boxes rather than the undelined fields.

It does not. You still get the newer login screen

That is completely false. I explained to you on GitHub, what was happening: the noscript tags a re not rendered when blocking scripts with uMatrix, hence the meta redirection (which sits in a noscript tag) to the old login is not taken. You dismiss completely my explanation to come here to spread disinformation, that’s just the perfect attitude to discourage open source contributor from bothering to keep going.

1 Like

"You dismiss completely my explanation "

I did not dismiss your explanation. I did not understand your explanation on Github and is why I posted a followup reply to that thread. Shortly afterward you closed the Issues portion for the extension on Github.

I found it confusing since other script blocking extensions like ScriptSafe allows Chrome to blocking of the Javascript in the browser.

I also went back to Github to re read your last response but due to you locking out the Issues section for UMatrix I can not see any of the posts there.

Is it possible to get more up-to-date user agent strings built in by default? The old strings cause issues with Facebook (chat/messages seems to be broken for me when I’m using these), and Inbox (by Gmail) is not available on some of them, and you’re forced to move to Gmail because the browser is “too old”.

1 Like

When matrix filtering is disabled for a scope is it possible to have the icon turn grey?

Some sites I have to turn off matrix filtering for the entire scope just so I can accomplish whatever task, but later forget when I’m interacting with the site that there’s no protection. uBlock Origin for example turns grey when turned off for the particular site.

As of Firefox Nightly June 20, all 4chan threads will crash while umatrix 1.01b1 is enabled, even filtering is disabled for the 4chan.org scope.

Has occurred on a clean profile with nothing but uBlock and uMatrix installed

Edit: resolved as of 1.01b2! Thanks for the speedy fix!

From time to time I notice that the blocklists are not updating.
I then have to do it manually until they fail again.
What can I do regarding that?

Yes it is! I don’t even see the frames anymore. :slight_smile:

I cant find any place to report issues about uMatrix (for uBlock it is possible to create them at the github).
The problem is:

I have tried also 1.0.0 version - the same problem. Part of uMatrxi menu is hidden.
I have 56.0a1 (2017-07-22) (64-bit) Firefox.

I have almost the same issue. Do you have Nightly firefox?

Thank you for this very useful add-on

As pointed out by @frankie and @muhamadejevs the popup width is insufficient to display all content hence extremely limited usefulness.

I have tried to remove/install the official latest release of the add-on including the 1.01b2 without success.

It looks as if the top left corner (the origin) of the pop-up is miscalculated or just wrong stored value.

Any hint would be greatly appreciated.

BTW: it is unfortunate that the issue tracker from github is unavailable.

I think it should be elemental to keep rules and rules combinations list as short as possible. However globally opening something (pass) might lead to cases where passes are allowed there where it isn’t hoped / planned. But it is a fact in the matter that at least trying to favor global rules instead of fine grained and tuned site specific scopes will be less of a burden to system resources.