I just changed to allow 1st party images only and I'm just adding allow to individual 3rd party images where needed. Kills a lot of unnecessary crap I don't need.
1. Switch to global scope and click the css and image column headers in order to disallow them. 2. Click the css and image cells in the 1st-party row in order to allow them. 3. Save those rules with the padlock. 4. Switch back to domain-specific scope.
I know that I can do that, I wonder if there's any real privacy improvement. Disabling even third-party CSS and images breaks a lot of sites, for example Reddit, Steam and The Guardian.
Well, blocking 3rd party images prevents web bugs. However, the included hosts files in uMatrix already block virtually all adservers and trackers. And most tracking pixels are also blocked by the Adblock Plus - filterlists used in uBlock Origin. So no - I don't think that there is any real privacy improvement.
To add to this: even without blocking 3rd-party images/css (and whatever else passive content used as web bugs), and without using uBO with EasyPrivacy and such, web bugs can be taken care in uMatrix with the following settings: - Blocking 3rd-party cookies -- this can be done in the browser, and/or using * * cookie block in uMatrix. - Enabling "Clear browser cache every [...] minutes" in uMatrix. - Enabling "Spoof HTTP referrer string of third-party requests" in uMatrix.
When I have any Google page open, and then go to any website from my locally saved browser bookmarks, I see references (cookies, images, XHR) to Google in uMatrix. sample screenshot: Does anyone know what is happening exactly?
3rd-party data there is absolut no need for your settings as given. but you block cookies for wilders, that is 1st-party data my first lines in special the last 4 lines seems weird but so many sites are loading stuff from that servers to work proper and it has nothing to do with spying. your google may be a result of an insertation of a google plugin. check your plugins - wilders dont show google here.
You're seeing the referral page. If you go to the privacy setting and check off spoof HTTP referer that should stop.
Thank you for the reply but I'm not sure I understand your post completely. I don't have any Google plugin. And this issue is not limited to wilderssecurity. Thank you for the reply. I did not have spoof HTTP referer enabled in uMatrix settings. This happens ONLY if I am logged in to a Google service, and then browse away to another site.
I have noticed, if scripts are enabled for google.ie, when I click on a result, google.ie is shown in the matrix of that result. "Spoof HTTP referrer string of third-party requests." makes no difference.
Thanks for your work on this. I installed this extension and ublock origin last night, and after getting rid of adblock plus and noscript, I have started playing around. As https://github.com/gorhill/uMatrix/wiki/Examples-of-useful-rulesets, you touch briefly on facebook. I managed to make it work fully, including videos from FB and youtube (have not ried yet with googlevideo) with the following settings. I wonder if they could be further constrained. Please note that I am blocking all the FAMA + Yahoo and Google by default. I add also rules for google that get me most of search and gmail. Thanks for your work in this! facebook.com * block facebook.net * block facebook.com akamaihd.net * allow facebook.com facebook.com * allow facebook.com facenet.net * allow facebook.com fbcdn.net * allow facebook.com staticxx.facebook.com frame allow facebook.com www.facebook.com frame allow facebook.com youtube.com * allow facebook.com youtube.com frame allow facebook.com ytimg.com * allow * google.com * block google.com google.com * allow google.com google.com frame allow google.com ssl.gstatic.com script allow google.com www.gstatic.com script allow
For those of you who are using uMatrix on Firefox alongside Noscript: They work together well if you globally allow scripts in Noscript. However, there was an incompatibility discussed in this issue which is fixed in uMatrix 0.9.3.5rc2 released just a couple of minutes ago. Available in the dev channel on AMO.
Noticed that on Amazon's pages, many CSS and image files are treated as "plugins", is that a bug? uMatrix 0.9.3.6 on Firefox 45
I see it in the log too. uMatrix 0.9.3.6 (Firefox 48beta + Palemoon 26.3.3) But i can't see them in Chrome. Then it's maybe a firefox-related bug.
I have several amazon url's default to allow. There are almost ubiquitous so many sites use amazon servers. amazonaws.com script allow amazonwebapps.com script allow images-amazon.com * allow s3.amazonaws.com * allow ssl-images-amazon.com * allow and at least one set to block amazon-adsystem.com * block
nice list, thank you. but instead allow you should stick with noop in parts www.amazon.com amazon.com * allow www.amazon.com ssl-images-amazon.com * allow www.amazon.de fls-eu.amazon.de * noop www.amazon.de ssl-images-amazon.com * allow allow means allow all - noop means allow but not ads content (eg. ad scripts) PS i use amazon germany, not outside. com is for product research only
I know that. Geezus. I was responding to the rather condescending post by Brummelchen telling me in a uMatrix thread that I should 'stick with noop'.
Deactivating does not work / Missing log entry What exactly is the difference between deactivating uMatrix for a given domain (in the add-on's UI) and deactivating the add-on altogether (in Firefox's about:addons)? When deactivating it in the UI, the log does not show any blocked query but still the page does not load completely. Specifically, I cannot get https://developers.google.com/android/images#bullhead to show me the full page (including the file list) unless I completely de-activate uMatrix.
Well, this site works for me without the need to deactivate uMatrix (if the right cells are whitelisted). Something else must cause this. Have you cleared the cache before loading that site again?