What's new in uMatrix 1.4.4
Jul 20, 2021
- Fixes:
- Fix exception thrown when a stock asset is removed
- Remove obsolete assets
New in uMatrix 1.4.2 (Jul 20, 2021)
- Fixes:
- Fix infinite recursion with maliciously crafted URL
- Remove no longer existing hpHosts
- mvps host list secure protocol http => https
New in uMatrix 1.4.0 (Sep 6, 2019)
- Changes:
- A new raw setting has been added: suspendTabsUntilReady. The purpose is exactly the same as the same setting in uBlock Origin, so you can refer to uBO's documentation. That setting is taken into account only with Chromium-based browsers, as Firefox is properly equipped to deal with network requests fired before uMatrix is ready.
- Closed as fixed:
- Chromium 72+:
- Cookies leaking temporarily
- Core:
- Cookies missing on very first request if website has service worker with fetch event handler
- Incorrect display of hostnames with numbers in the logger
- Custom recipe does not appear
- Requests bypass uMatrix on Firefox start
New in uMatrix 1.3.16 (Dec 28, 2018)
- Icons:
- Little by little I will be migrating from font-based icons toward SVG-based icons. See uBlockOrigin/uMatrix-issues#68
- Logger:
- The popup panel is now tab selector-bound (rather than logger entry-bound), i.e. it is associated with the tab currently selected.
- There is a new UI to allow setting rules on a per logger entry basis (click the 3rd column): it is similar in look and use to the matrix UI, but it is minimalist: rules which are relevant only for the current entry in the logger are shown. [Note that I am having second thoughts about that new UI -- hence why I have held on releasing a new stable version, because it still does not give access to the per-scope switches. Ideally I should reuse the popup panel, but this will require refactoring work. However, I can't keep on holding forever a stable release, so for now this will be the solution for dealing with setting rules for tab-less network requests.]
- The visual to represent tab-less network requests has been modified. Tab-less network requests will now be represented with "curtains" in the 3rd column.
- Two columns have been added:
- a column to provide the scope in which network requests are made;
- a column to provide visual hint for the third-partyness of requests.
- Closed as fixed:
- Firefox:
- "Corrupted Content Error"
- Logger not working in sidebar
- When pasting multiple lines into the rules editor they are joined together in a single line
- Is there a way to disable JavaScript in local file:// for firefox?
- The idea for the fix has been borrowed from NoScript: use a DOM-based tag to inject CSP directives. This will apply only to documents fetched using file: scheme.
- The fix requires the API browser.contentScripts, which only Firefox supports.
- Core:
- Migrate icons to FontAwesome svg files (from the font file)
- Race condition potentially causing auto-update to be disregarded at launch time
- Behind-the-scene broken at gmail
- Images, videos opened directly in a tab are bypassing respective block rules
- Multiple Redirects Fail
- Some entries are only briefly shown in uMatrix
New in uMatrix 1.3.15 Beta 8 (Oct 4, 2018)
- Icons:
- Little by little I will be migrating from font-based icons toward SVG-based icons. See uBlockOrigin/uMatrix-issues#68. Some of the icons in the latest FontAwesome package -- which now ships with SVG version of all icons -- have been redesigned by the author, so expect some of the icons may look different.
New in uMatrix 1.3.15 Beta 6 (Sep 30, 2018)
- Changes:
- Logger:
- The popup panel is no longer accessible from the logger. The popup panel is tab-bound, i.e. it is a view for a specific tab at the present time, and this does not work for the logger, since the logger can contain entries which are not tab-bound, or entries which are unrelated to the present state of a tab.
- There is a new UI to allow setting rules on a per entry basis (click the 3rd column): it is similar in look and use to the matrix UI, but it is minimalist: rules which are relevant only for the current entry in the logger are shown.
- Two columns have been added:
- a column to provide the scope in which network requests are made;
- a column to provide visual hint for the third-partiness of requests.
- Core:
- Behind-the-scene broken at gmail
- Race condition potentially causing auto-update to be disregarded at launch time
- Some entries are only briefly shown in uMatrix
New in uMatrix 1.3.15 Beta 4 (Sep 26, 2018)
- Closed as fixed:
- Firefox:
- When pasting multiple lines into the rules editor they are joined together in a single line
New in uMatrix 1.3.15 Beta 3 (Sep 26, 2018)
- Core:
- Race condition potentially causing auto-update to be disregarded at launch time
New in uMatrix 1.3.15 Beta 2 (Sep 19, 2018)
- Closed as fixed:
- Firefox:
- Is there a way to disable javascript in local file:// for firefox?
- The idea for the fix has been borrowed from NoScript: use a DOM-based tag to inject CSP directives. This will apply only to documents fetched using file: scheme.
- The fix requires the API browser.contentScripts, which only Firefox supports.
- Core:
- Multiple Redirects Fail
New in uMatrix 1.3.15 Beta 1 (Sep 19, 2018)
- Closed as fixed:
- Core:
- Multiple Redirects Fail
New in uMatrix 1.3.14 (Aug 27, 2018)
- Closed as fixed:
- uMatrix uses the false domain 1.wyciwyg-scheme instead of the real one
- My rules tab hangs with cloud storage support
New in uMatrix 1.3.13 Beta 1 (Aug 25, 2018)
- Fixes:
- Possible fix for "Rules tab hangs with cloud storage support enabled." issue.
New in uMatrix 1.3.13 Beta 0 (Aug 22, 2018)
- uMatrix uses the false domain 1.wyciwyg-scheme instead of the real one:
- uMatrix reports what the Firefox API reports to it: Firefox should be fixed to report seamlessly wyciwyg:// URLs so as to avoid forcing extensions to deal with such URLs, which should be strictly for internal consumption by Firefox.
- Until the issue is fixed in Firefox (if ever), a workaround in uMatrix has been implemented in order to deal with such URLs in a seamless manner in its UI.
- Those URLs still cause quirks however: for example forcing a reload won't work. This is not a uMatrix issue, even Firefox's reload button does not work in such case. The workaround is to click the address bar as if to edit the current URL and press Enter to force a reload.
New in uMatrix 1.3.12 (Jul 17, 2018)
- Closed as fixed:
- Placeholder iframe not shown on particular site using Firefox
New in uMatrix 1.3.11 RC 0 (Jul 5, 2018)
- Closed as fixed:
- Placeholder iframe not shown on particular site using Firefox
New in uMatrix 1.3.10 (Jun 11, 2018)
- Closed as fixed:
- No web page found issue
- Custom recipes don't show up when visiting corresponding host
New in uMatrix 1.3.9b1 Beta (May 15, 2018)
- Firefox:
- No web page found issue
New in uMatrix 1.3.9b0 Beta (May 14, 2018)
- Closed as fixed:
- Custom recipes don't show up when visiting corresponding host
New in uMatrix 1.3.8 (Apr 25, 2018)
- Closed as fixed:
- Ruleset pane size miscalculated
- Placeholder in logger "Network error" message is not replaced
- Shared Workers
New in uMatrix 1.3.7 RC 0 (Apr 21, 2018)
- Closed as fixed:
- Ruleset pane size miscalculated
- Placeholder in logger "Network error" message is not replaced
- Shared Workers
New in uMatrix 1.3.7 Beta 4 (Apr 15, 2018)
- Closed as fixed:
- Placeholder in logger "Network error" message is not replaced
- Shared Workers
New in uMatrix 1.3.7 Beta 3 (Apr 14, 2018)
- Closed as fixed:
- Ruleset pane size miscalculated
New in uMatrix 1.3.6 (Apr 10, 2018)
- Changes:
- CodeMirror's MergeView has been integrated into the "My rules" pane, this should make it easier to manage your ruleset.
- Improved the visuals and behavior of Recipes icon (the puzzle icon) in popup panel.
- Closed as fixed:
- CSP error notification -> Conflicting with uBlock Origin?
New in uMatrix 1.3.5 Beta 2 (Mar 26, 2018)
- Changes:
- CodeMirror's MergeView has been integrated into the "My rules" pane, this should make it easier to manage your ruleset.
- Closed as fixed:
- CSP error notification -> Conflicting with uBlock Origin?
New in uMatrix 1.3.4 (Mar 19, 2018)
- New:
- [Status: experimental] A new button ("puzzle" piece icon) is available in the popup panel: uMatrix will offer you the ability to import community-contributed ruleset recipes which are relevant to the current page (see #30). Hopefully there will be many contributions to populate ruleset recipes ready to be used to unbreak sites.
- A tooltip has been added to the global scope selector (*) in the popup panel.
- A new setting has been added in the Settings pane: "Disable tooltips".
- Changes:
- The setting "Show the number of distinct requests on the icon" has been changed to "Show the number of blocked resources on the icon": the number of blocked resources is much more useful than the number of distinct resources. This will make it clear now that uMatrix is still blocking stuff even after you think you had configured it to no longer block stuff (example: #938).
- The icon badge is back to being enabled by default with new installations of uMatrix.
- Closed as fixed:
- Ability to enforce _escaped_fragment_=
- Report more accurately that resources are being blocked following page load
- [Performance] Implement ability to snapshot memory to improve load times
- When first installing uMatrix, the setting "Auto-update hosts files" is disabled by default
New in uMatrix 1.3.3 Beta 9 (Mar 6, 2018)
- New:
- A new button ("puzzle" piece icon) is available in the popup panel: uMatrix will offer you the ability to import community-contributed ruleset recipes which are relevant to the current page (see #30). Hopefully there will be many contributions to populate ruleset recipes ready to be used to unbreak sites.
- A tooltip has been added to the global scope selector (*) in the popup panel.
- A new setting has been added in the Settings pane: "Disable tooltips".
- Changes:
- The setting "Show the number of distinct requests on the icon" has been changed to "Show the number of blocked resources on the icon": the number of blocked resources is much more useful than the number of distinct resources. This will make it clear now that uMatrix is still blocking stuff even after you think you had configured it to no longer block stuff (example: #938).
- The icon badge is back to being enabled by default with new installations of uMatrix.
- Closed as fixed:
- Report more accurately that resources are being blocked following page load
- [Performance] Implement ability to snapshot memory to improve load times
- When first installing uMatrix, the setting "Auto-update hosts files" is disabled by default
New in uMatrix 1.3.3 Beta 8 (Feb 12, 2018)
- code review: fix updating of non-hosts resources
- add 1st recipe file to updatable assets
- first draft toward fixing #30
- import translation work from https://crowdin.com/project/umatrix
- remove spurious trailing periods (#30 (comment))
- add space after newline: Firefox does not render newlines for placeholders
- remove more trailing periods as per #30 (comment)
- add tooltip for global scope + setting to disable tooltips
- code review: simplify PSL selfie generator
- fix #938: show badge by default for new users
- code review: also take into account modifications to http headers
- fix backward compatibility of restore from backup feature
- improve backup file output for rules: array instead of one huge string
- add contributor mode and tools to contribute ruleset recipes (need more)
- add support for: switch-based rules; entity in source part of condition
- code review: fix error at extension console; allow recipes to override explicit rules
- Update hyperlink auditing HTML spec url (#942)
- fix regression reported at https://www.wilderssecurity.com/threads/umatrix-the-http-switchboard-successor.369601/page-27#post-2737419
New in uMatrix 1.3.3 Beta 7 (Feb 6, 2018)
- Code review: fix error at extension console; allow recipes to override explicit rules
- Update hyperlink auditing HTML spec url (#942)
New in uMatrix 1.3.3 Beta 6 (Feb 5, 2018)
- fix backward compatibility of restore from backup feature
- improve backup file output for rules: array instead of one huge string
- add contributor mode and tools to contribute ruleset recipes (need more)
- add support for: switch-based rules; entity in source part of condition
New in uMatrix 1.3.3 Beta 3 (Feb 2, 2018)
- Commits:
- code review: fix updating of non-hosts resources
- add 1st recipe file to updatable assets
- first draft toward fixing #30
- import translation work from https://crowdin.com/project/umatrix
- remove spurious trailing periods (#30 (comment))
- add space after newline: Firefox does not render newlines for placeholders
- remove more trailing periods as per #30 (comment)
- add tooltip for global scope + setting to disable tooltips
- code review: simplify PSL selfie generator
- fix #938: show badge by default for new users
- code review: also take into account modifications to http headers
New in uMatrix 1.3.2 (Jan 23, 2018)
- Closed as fixed:
- uMatrix does not report inline styles
New in uMatrix 1.3.0 (Jan 22, 2018)
- Fixed:
- noscript tags improperly rendered in XML-based HTML documents (report).
- No way to configure advanced settings in uMatrix/webext
- Pages can detect uMatrix's presence with pure CSS
New in uMatrix 1.2.1 RC 2 (Jan 18, 2018)
- import translation work from https://crowdin.com/project/umatrix
- remove unnecessary padding
- add ability to vertically expand a specific row
- code review: mind inline styles too
- use worker-src on Firefox 58+ -- turns out this was fixed weeks ago
New in uMatrix 1.2.1 RC 0 (Jan 12, 2018)
- Closed as fixed:
- No way to configure advanced settings in uMatrix/webext
- Pages can detect uMatrix's presence with pure CSS
New in uMatrix 1.2.0 (Jan 11, 2018)
- APPEARANCE:
- More choices of text size for the matrix UI in the Settings pane (text size dictates the popup panel size).
- PER-SCOPE SWITCHES:
- New switch: "Forbid web workers":
- Purpose should be obvious.
- Note that nuisance coin miners typically use web workers, so forbidding web workers globally might be a good idea, though mind that there are legitimate use for web workers. Keep in mind many of these miners are launched as 1st-party, so the new switch allows you to forbid them even when you allow 1st-party scripts. Update: blocking web workers everywhere by default should lower quite significantly the probability of falling prey to exploits taking advantage of Meltdown/Spectre vulnerabilities through your browser (assuming your browser is vulnerable). Mind that often sites legitimately do need web workers to work properly -- so if you forbid web workers in the global scope, don't forget about this when you are puzzled as to why a web site is still broken despite you allowing the needed resources.
- uMatrix is able to detect when a web worker is being instantiated. However, this does not work for Firefox 57-58, but works fine in Firefox 59 (Nightly). The reason is that SecurityViolationPolicyEvent has been implemented just recently in Nightly.
- So this means if you are using uMatrix with Firefox 57-58, uMatrix will be unable to report to you whether web workers are used by a page, though you will be able to block these fine with the new per-scope switch. With Nightly, use (or attempt to use) web workers is properly reported in the logger and in the popup panel.
- Per-scope switches redesigned and renamed:
- "Strict HTTPS" has been renamed "Forbid mixed content": I see too many instances of people thinking this feature is a replacement for HTTPS Everywhere: it is not.
- The new visual will now convey whether a switch is relevant for the current document. A dot in the toggle button means that the switch is relevant, i.e. uMatrix may affect the page if the switch is toggled on.
- Forbid mixed content: a dot means that mixed content has been detected on the page.
- Forbid web workers: a dot means that web workers have been detected on the page (as mentioned above, the detection does not work for Firefox 57-58).
- Spoof referer header: a dot means that 3rd-party referrer information has been seen in network traffic.
- Spoof tags: a dot means tags have been detected in the current page.
- Logger:
- Ability to open the logger in the sidebar. Sidebar API is only available in Firefox and Opera (I didn't try the feature in Opera yet). Note that since the logger is unified, should you open additional logger views, these will be left unused, until the first view is closed. By design.
- CLOSED AS FIXED:
- Possible to improve image placeholders? Sometimes they are just too tiny (1px)