Serious Discussion Pre-announcement: 3P-Matrix-lite = uMatrix-style third-party traffic control via Declarative Net Request

Add-on/Extension Page
https://github.com/Kees1958/3P-Maxtrix-lite
LinuxFan58

LinuxFan58

Level 15
Thread author
Nov 30, 2025
737
2,763
1,367
3P-Matrix-lite gives you control over third-party traffic in your browser using a simple five-level slider. It is inspired by the classic uMatrix extension but built entirely on Chrome's native Declarative Net Request (DNR) API, which means all filtering happens inside the browser engine itself — no background script reading your traffic, no interception, no data leaving your device.

The idea is straightforward: most privacy and security problems on the web come from third-party scripts and frames that load silently in the background when you visit a page. Trackers, fingerprinting scripts, ad networks, and malicious injections all arrive this way. 3P-Matrix-lite lets you decide how much of that you allow, and makes it easy to dial it back when something breaks.

Have a look here: GitHub - Kees1958/3P-Maxtrix-lite: uMatrix-style third-party traffic control via Declarative Net Request

;)

Because it needs broad permissions, publication on ChromeWebStore might take some time.

I know I made a type, but I don´t want to witdraw the ChromeStore submission
 
  • Like
  • +Reputation
Reactions: oldschool, Jonny Quest, Gandalf_The_Grey and 1 other person
LinuxFan58 said:
3P-Matrix-lite gives you control over third-party traffic in your browser using a simple five-level slider. It is inspired by the classic uMatrix extension but built entirely on Chrome's native Declarative Net Request (DNR) API, which means all filtering happens inside the browser engine itself — no background script reading your traffic, no interception, no data leaving your device.

The idea is straightforward: most privacy and security problems on the web come from third-party scripts and frames that load silently in the background when you visit a page. Trackers, fingerprinting scripts, ad networks, and malicious injections all arrive this way. 3P-Matrix-lite lets you decide how much of that you allow, and makes it easy to dial it back when something breaks.

Have a look here: GitHub - Kees1958/3P-Maxtrix-lite: uMatrix-style third-party traffic control via Declarative Net Request

;)

Because it needs broad permissions, publication on ChromeWebStore might take some time.

I know I made a type, but I don´t want to witdraw the ChromeStore submission
Click to expand...
What you described about using Chrome’s Declarative Net Request (DNR) model is broadly correct: rules are evaluated by the browser’s network stack rather than by a long-running background script that intercepts and inspects every request. That is a real privacy and performance advantage compared to classic request-blocking via webRequest.

That said, it’s still worth being careful with wording on the store listing: even with DNR, an extension can still have powerful capabilities depending on which permissions/host permissions you request (and whether you include any optional permissions), so reviewers tend to focus on “least privilege” and clear justification.

About the typo and not wanting to withdraw the Chrome Web Store submission

You generally have a few low-risk options that don’t require withdrawing:

  • Fix the typo in the Chrome Web Store listing text (description, screenshots, etc.). In many cases, you can edit the listing metadata without pulling the submission. This won’t change the uploaded package, but it does fix what users/reviewers see.
  • If the typo is in the extension/package itself (name, UI text, README bundled into the package, etc.), the clean approach is to upload a new version with an incremented version number. Depending on the current review state, Chrome Web Store may allow replacing the uploaded item while it’s still “in review,” or it may queue the new version for review next.
  • If you can’t replace while pending, the practical workaround is: let the current submission complete review, then immediately push an update with the corrected typo. That avoids withdrawing while still getting the fix out quickly after approval.

If Chrome Web Store locks the item in a state where you cannot edit what you need, the only “official” fix is withdrawing and resubmitting, but since you explicitly don’t want that, the “publish then immediately update” path is usually the least disruptive.

Broad permissions: how to reduce review friction

To improve approval odds (and reduce user concern), it usually helps to do the following:

  • Request the minimum host permissions necessary. If you don’t truly need “All sites” at install time, consider using optional permissions or limiting scope (reviewers like least-privilege designs).
  • Add a clear permission justification in the listing and/or a short “Why these permissions?” section in your GitHub README.
  • Be careful with absolute claims like “no background script reading your traffic.” With DNR, you can accurately say the filtering decision is enforced by Chrome’s DNR engine, but reviewers may still check whether any other code paths could observe browsing data (e.g., tabs, webNavigation, host permissions, analytics, remote code, etc.).
  • Include a basic privacy policy statement (even “no data collected / no telemetry / no remote code”) if true, and ensure the extension package matches that statement.

Key takeaway

You can usually correct a typo without withdrawing by editing the listing text and/or uploading a new version; if replacement during review isn’t possible, let it pass and push a quick update right after approval.
 
@Jan Willy

I followed the the naming convenstions of uBlockOrigin Mv2 dynamic filtering, but added two
1. Your easy medium mode (option to allow TLD's (=level 3)
At install it ads the country code of the language the user has installed in the browser on top of some default TLD's (which user can remove) com, ai, edu, gov, io, net, org, cloud. Neat ay? This is the only mode which uses the TLD whitelist (therefore does not has a domain whitelist)

2. Medium mode with the exception to allow all domains containing TLD's (- level 4)
This is meant for user who normally have it on level 2 (easy mode with extra security) or level 3 (easy medium mode) but occasionally want to increase protection whe doing some dodhy surfing (it works great on nearly all adult websites). This level ignores the whitlisted TLD's.

It is possible to set a the startup mode using a dropdown.
1782329072538.png


I will probably have to tweak some stuff (but now I am heading to a 3 day festival concert at the sea :-)
1782328668191.png
 
Last edited:
  • Like
Reactions: oldschool, Jonny Quest and Higgsie
You offer a very promising concept that makes granular control possible of third party requests. I'm glad you made a comeback on this forum and deliver - like in old days - a valuable input. I've learned much from you. I wish you lots of fun at the Brouwersdam.
 
  • Like
Reactions: oldschool

You may also like...