From 46b7859f20251b0349e969d448e9fbec299a20c3 Mon Sep 17 00:00:00 2001 From: Raymond Hill Date: Sun, 26 Nov 2017 09:30:34 -0500 Subject: [PATCH] Created How to work only with global rules and all scripts blocked by default (markdown) --- ...ules-and-all-scripts-blocked-by-default.md | 24 +++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 How-to-work-only-with-global-rules-and-all-scripts-blocked-by-default.md diff --git a/How-to-work-only-with-global-rules-and-all-scripts-blocked-by-default.md b/How-to-work-only-with-global-rules-and-all-scripts-blocked-by-default.md new file mode 100644 index 0000000..a1d5d46 --- /dev/null +++ b/How-to-work-only-with-global-rules-and-all-scripts-blocked-by-default.md @@ -0,0 +1,24 @@ +The motivation for this article is the following argument made at Wilders Security against uMatrix: + +> I like the way NoScrip works. If you think a domain should be untrusted, you untrust it everywhere. If you trust it, and require the domain, then you white list it. + +The way you work your ruleset with uMatrix is not dictated by uMatrix. If you want to work strictly with global rules, i.e. rules that apply everywhere, uMatrix allows that. + +Using an example page, this is uMatrix with out-of-the-box ruleset: + +![a](https://user-images.githubusercontent.com/585534/33240862-77db100a-d28b-11e7-8e51-416ea0e5cafb.png) + +From there, we will set up uMatrix to work as follow: + +- All rules will be global. +- All script resources will be blocked by default. +- Scripts from a specific domain will be allowed/blocked with a single click on that domain. + +First, select _"Global"_ as the default scope in uMatrix's _Settings_: + +![a](https://user-images.githubusercontent.com/585534/33240881-f5903c8c-d28b-11e7-85d4-f849abb9d405.png) + +From now on, the global scope will always be selected by default when you open the popup panel: + +![a](https://user-images.githubusercontent.com/585534/33240893-5c192c48-d28c-11e7-89b4-70fb14318887.png) +