This repository has been archived by the owner on Jul 21, 2021. It is now read-only.

proxy implementation #160

Closed
dicktyr opened this issue Apr 22, 2015 · 3 comments

Comments

dicktyr commented Apr 22, 2015

I'd like to discuss a proxy implementation (as mentioned in gorhill/httpswitchboard#86)

essential utility: the separation/independence of user data/configuration from any specific browser

to manage unified options for each domain/url/pattern
(and whatever else may benefit from browser independence):

  • blocking/permissions
  • user style/script
  • annotation
  • bookmarks
  • browser routing (e.g. simple content to simple browser)
  • extensible as need be...

maybe some of this is beyond the scope of your interest
but please comment in any case

and thank you for µMatrix :}

d-kr commented Apr 23, 2015

This will not work, because you need to break, intercept SSL connections.

  1. Google, Facebook, Microsoft and some others use Certificate pinning or enforce only special root certificates for their own domains. If you browse https://google.com and the certificate is not signed by Google / on the white list, which for Chrome you cannot change, Chrome will not only complain, but also call home. (Remember the story of the Egypt CA which internally intercepted SSL connections, resulting in the removal of China's CA from the trusted set.)
  2. RFC 6797 defines HTTP Strict Transport Security, which enabled every webserver to request certificate pinning. So before using "uMatrixProxy" you need to clear that cache or the browser will complain.
  3. Local apps that use the internet to update, communicate or call home. The proxy cannot see the origin (update routine in normal program or web browser) and needs to break SSL to see the exact request, which (if the program was developed with security in mind) will notice it.
  4. Security and cryptography are both very complex, difficult to understand and hard to master, so any bug in the proxy gifts the attacker a MITM proxy which the client trusts. (Worst case)

Edit: Added formatting and 4. point.

Owner

gorhill commented May 7, 2015

Not a uMatrix issue, this belongs to a forum somewhere. I don't see myself having the time to deal with anything more than uBlock/uMatrix for the time being.

gorhill closed this as completed May 7, 2015

Author

dicktyr commented May 7, 2015 via email
