µMatrix - the HTTP Switchboard successor

Does umatrix block WEBRTC leaks in chrome?

 

Of course not. There has been one so and so extension, I would stay away installing.

Blocking scripts, plugins possibly other needed too, you can of block it with uMatrix. Otherwise there is nothing we can do as chromium is not allowing to block it.

 

There are fixes in the dev channel, though:

https://code.google.com/p/chromium/issues/detail?id=457629
https://code.google.com/p/chromium/issues/detail?id=466197
https://codereview.chromium.org/916873004

 

Wow!!! That was quite a scare over at the other "ublock" thread that the uniquely gifted Mr. Gorhill may have been "possibly" in a state of "in flux" about the extensions projects. Again (ad nauseum) , if Mr. Gorhill ever changed his mind about accepting donations-->>(and MANY of those dastardly extension developers have with a whole lot less reasons to work with)..! Just sayin'.. and with all due respect. Bet'chya the line here at Wilders would be long and arduous (misnomers aside) to contribute to a good cause!!

p.s. Dear Mr. Raymond Gorhill... we really do appreciate you!

 

How do you do that in uMatrix?

 

What is the most similar to uMatrix app for Firefox? Thanks

 

Request Policy & Policeman

 

Remove the rule
* 1st-part * allow

Everything reddish in matrix elements is blocked, now also then 1st party allowances of those things needed to block webrtc. Just we can't currently block it with allowed scopes. When we need to allow scripts etc. for the sites to work.

 

I did the test and it works ( https://diafygi.github.io/webrtc-ips/ )

It's not so userfriendly to uncheck * 1st-part * allow , I like better to add this extension.

 

That extension you linked has already been proved to not work.

 

Disable javascript breaks 99% site navi.. if only uMatrix have specific webrtc block function..

 

How can you tell allowing all to every 1st party sites is really ok?
I have a lots of reasons to hate that install rule! Not just that.

Many times I have seen new users making some stupid global block rules. For scripts and other category instead just frames. Because either they are not knowing how to operate uMatrix with the scope whitelisting or what I don't really know?

So that rule really "shoots new users in their leg". How hard can it really be to allow 1st party on the site basis? NoScript blocks that on Firefox and other blockers I have used too.

Admitted uMatrix is a bit more hardcore with the scopes and making global rules for some sites should be learned later if needed.

 

Is there any chance gorhill make uMatrix for firefox? tho we know he's busy with ublock..

 

Shouldn't something like this be caught by uMatrix? The new "enhanced bookmarks" (enabled in beta I believe, and available as a flag option) basically has a built-in Google instant search. I have behind-the-scenes and chrome-scheme fully blocked, and no XHR allows for Google domains. It's not even logged by uMatrix. I don't have much use for this anyway so I disabled the flag but maybe somebody could fill me in on what's going on here.

https://i.imgur.com/aWJ87is.png

(The blurred stuff was just a few attempts to fetch some favicons.)

 

i was just trying to read the latest AV test results on http://www.av-comparatives.org/dynamic-tests/
Now with uMatrix I can't see the pdf file, even if I disable matrix filtering.

Most likely cause is updating Chrome to version 42 today and it braking uMatrix?
Another change but unlikely possible cause is disabling webrtc with the file edit: https://www.wilderssecurity.com/thre...r-local-ip-address.372835/page-2#post-2481546

Now I will have to disable uMatrix extension to see pdf files!

 

Works fine on my end with both Umatrix and Ublock combo. DO you use click and play by chance? 42 marked a change in policy and you must now right click then select "run plugin" as opposed to the classic 1 click

 

Thank you for the suggestions, but I found that it is indeed a compatibility problem with the latest Chrome update to version 42. It works for you I guess because you have allowed chromium-behind-the-scene:
https://github.com/gorhill/httpswitchboard/wiki/Behind-the-scene-requests

This option can be set in the Privacy-tab of Options and if not allowed, you will have to temporary allow it to be able to update or install extensions.

What has now changed with the latest Chrome update is that pdf files can't be also be seen. There should be no problems in that. Unless allowing behind the scene requests (default uMatrix behaviour), then pdfs work too.

Will affect the hardcore uMatrix users and not most ones with say default install settings.

 

Confirmed. You have to allow "Other" for the respective site in the behind-the-scene matrix. This had not been the case for up to v. 41. That is inconvenient, indeed. Perhaps Raymond can find a work-around for this problem.

 

The only potential road block with asking for a resolve to this:

link: https://github.com/gorhill/httpswitchboard/wiki/Behind-the-scene-requests

 

Yes, true. But the point is that in previous Chrome versions loading a PDF file didn't affect behind-the-scene requests. One had to allow "other" in the normal matrix. Now it's much more inconvenient - unless you generally allow behind-the-scene requests. But that means that you don't have control any more over what, e.g., other extensions are doing. According to Raymond, we'll have to accept that.

 

Regarding the PDF viewer problem for those users who block behind-the-scene requests there is one possible solution: Disable the built-in Chrome PDF viewer in chrome://plugins and install the Mozilla PDF Viewer extension instead. This extension should work out-of-the-box. For some finetuning you can load a PDF file, click the uMatrix symbol (while in that tab) where you now find the chromium-extension-scheme. By default it's disabled. You can enable it, blacklist everything except the XHR column, and click the padlock. Done.

Worth a try, IMO.

EDIT: I'll have to see if other extensions are affected somehow.

EDIT2: gorhill says:

 

Interesting. I wonder if this issue has something to do with version 42 now showing 2 files for Chrome PDF Viewer under chrome://plugins/ when you click on Details. Another thing, version 42 has no pdf.dll in it's application directory. There seems to be significant internal changes from 41 to 42 with regards to Chrome PDF Viewer.

 

I did the test again with a brand new Chrome Profile + WebRTC Block + ZenMate VPN
you are right, WebRTC Block works only for a single refresh, but if I close the browser and do the test again I fail the test
thank you

I prefer to block inline scripts with ublock and a specific rule for websites where I need them (like this forum) and umatrix only for 3rd party

http://s17.postimg.org/5df5ddou7/T1uvp5b.png

http://i.imgur.com/q3m1sZb.png

http://i.imgur.com/nszqIbK.png

 

So according to the Umatirx wiki, if I am globally blocking scripts (including 1st party) than blocking inline scripts via ublock would be ill advised correct?

 

I might try that tlu. For now I allowed other in the chromium-behind-the-scene scope. Thank you for your input in this.