3P Request Blocker blocks all third-party requests in Firefox

Martin Brinkmann
Feb 9, 2018
Updated • Jan 29, 2019
Firefox, Firefox add-ons
|
32

3P Request Blocker is a new add-on for the Firefox web browser designed to block all third-party requests by default in the browser.

The description sounds a lot like NoScript, and while the core functionality is the same, both extensions offer features that the other does not provide.

Third-party requests are all requests that a site makes that load content from third-party domains. The connection can be a subdomain of the domain or an unrelated domain name.

While some third-party requests are required for a site's functionality, think of content being loaded from a content delivery network, other requests are used to display advertisement, social media buttons, tracking scripts, or other often undesirable content.

Update: The extension is no longer available. I found Third-Party Request Blocker on Mozilla's AMO Store which uses the same interface. I don't know if it is by the same author or a fork.

3P Request Blocker for Firefox

3p request blocker

3P Request Blocker adds an icon to the Firefox main toolbar that you interact with to control the loading of third-party resources on the active website you are on.

A click on the icon displays all third-party connections the page tried to make. Any connection that is not checked there has been blocked. You can allow connections by checking the sites and clicking on the apply button afterward.

Sites that you allow are added to the extension's whitelist by default. You can enable the setting of temporary permissions in the preferences which switches the checkbox layout to a radio button layout with block, allow and temp buttons for each site listed by the extension.

3D Request Blocker offers extensive options which you access with a click on the i-icon or from Firefox's about:addons page.

Here is a quick overview of the available groups:

  • Whitelist -- add, edit or remove whitelisted sites. Comes with import and export functionality.
  • Filter -- lots of options to ignore, block and change functionality.
  • JavaScript -- options to block JavaScript and use a JavaScript whitelist.
  • Popup/icon -- cosmetic changes to the icon, for example, adding the domain count to the icon.
  • Misc -- Change the language and enable temporary permissions

The Filter menu

3p request blocker filter

The Filter menu deserves a closer look as it offers quite a few useful features. Here is a short list of options that it makes available:

  • Do not block same domain's subdomain.
  • Block Punycode domains.
  • Block unencrypted requests (HTTP or ws).
  • Block abnormal requests methods (allow only GET and POST).
  • Block WebSocket protocol.
  • Block HTTP or HTTPS on non-standard ports.
  • Block requests that include your keywords in URL.
  • Block resource types and ignore the whitelist doing so (beacon, csp_report, font, ping, object, object_subrequest, media, other).
  • Block MIME types and ignore whitelist to prevent downloads (video, audio, PDF, Microsoft Office, LibreOffice, Applications).
  • Block tracking/ads, Internet IP address and tracking/ads patterns automatically and don't show them on the menu.

The filter menu lists several interesting options which improve security while you browse the Internet.

Closing Words

3P Request Blocker is a powerful new content blocker for Firefox that users of RequestPolicy or Policeman may want to consider switching to as the extensions are no longer compatible with stable versions of Firefox.

The extension is compatible with other content blockers, e.g. uBlock Origin or AdBlock Plus.

Now You: Which security extensions do you use, and why? (thanks Robert)

Related articles

Block mining scripts with Anti-WebMiner for Windows

NoScript Beginner's Guide

uBlock Origin Extra extension for Chrome

You can block WebRTC from leaking your IP now in uBlock Origin

Summary
software image
Author Rating
1star1star1star1star1star
5 based on 10 votes
Software Name
3P Request Blocker
Software Category
Browser
Advertisement

Tutorials & Tips


Previous Post: «
Next Post: «

Comments

  1. Jake said on March 18, 2022 at 5:16 am
    Reply

    Regarding the possible fork:

    “Update: The extension is no longer available. I found Third-Party Request Blocker on Mozilla’s AMO Store which uses the same interface. I don’t know if it is by the same author or a fork.”

    I’m having trust issues… the “support site” for this add-on is simply yandex.ru
    The extension was last updated Jan 15, 2019 (3+ years ago, as I write this)
    Requires lots of permissions from an untrusted source

    A shame that the original disappeared. Am looking for a uMatrix replacement and there doesn’t appear to be one anywhere.

    The only real suggestion is uBlock Origin in Medium Blocking Mode: which is a real pain to use: all the plus/minus signs; global/NoOp; Allow vs NoOp… still the domains/scripts/resources get through. Even after spending time reading all tutorials, uBO isn’t nearly as effective as uMatrix (and the long discontinued RequestPolicy)

  2. user said on February 17, 2018 at 3:23 am
    Reply

    i heavily rely on RequestPolicy, and this is not a good candidate for replacement.
    although the ideas are almost the same, user experiences are very different…

  3. kilroy said on February 14, 2018 at 2:45 am
    Reply
  4. Rick A. said on February 11, 2018 at 9:40 pm
    Reply

    The extension was removed.

    1. Martin Brinkmann said on February 11, 2018 at 9:47 pm
      Reply

      The URL changed, extension is still available.

      1. Rick A. said on January 29, 2019 at 4:21 pm
        Reply

        @Martin Brinkmann – i think it’s gone or the name changed because i can’t find it. Please update he Link if you know it.

  5. Foxify said on February 11, 2018 at 11:43 am
    Reply

    Just don’t select JS checkbox. It’s fine. I am able to use this addon with uBlock.

  6. Anonymous said on February 11, 2018 at 5:37 am
    Reply

    Might give this a spin with a new FF profile, but for my day-to-day use, VPN+uMatrix+uBo+Decentraleyes is still the unbeatable privacy combo.

    1. Anonymous said on February 12, 2018 at 4:08 pm
      Reply

      If you don’t mind that your VPN knows all websites you visit like your ISP would otherwise, and assuming it’s good enough.

  7. Cigologic said on February 10, 2018 at 8:36 pm
    Reply

    From post: “The extension is compatible with other content blockers, e.g. uBlock Origin or AdBlock Plus.”

    Incidentally, 3P Request Blocker’s ‘About this extension’ description indicates the following …

    “Block Javascript. Disabled by default.
    (If you’re going to use this function, delete uBO and pick “Adblock Plus”. uBO will override this add-on and allow your browser to run inline JS.)”

  8. Anonymous said on February 10, 2018 at 3:27 pm
    Reply

    I for one had no idea about such extensions, umatrix or otherwise and as such, find this to be a good find. Thanks Martin! Useful posts as ever.
    archie

  9. Darren said on February 9, 2018 at 11:12 pm
    Reply

    Good option for home or work networks is to set up Pi-Hole: https://pi-hole.net/

    Works great

  10. ULBoom said on February 9, 2018 at 4:25 pm
    Reply

    The issue I’ve found with similar add ons is they have to be kept up to date as FF’s config entries change from version to version or they may not block as intended or start adversely affecting browser functionality. Better, IMO, to learn the config settings, use an unbloated ad block, learn to config the firewall and use something like CCleaner to disable the hidden tracking stuff in ff and hidden cookies that remain even if all the caches are cleaned. The OS collects and saves browsing data, too, with edge and the win browser.
    Seems blocking third party cookies still breaks a lot of sites so I allow them, then remove them later. Using a VPN that’s actually a VPN scrambles most of this stuff.

    1. Tom Hawack said on February 9, 2018 at 8:10 pm
      Reply

      Extensions adapt themselves to browsers’ updates (or not, btw) but as far as deciding on which 3rd-party sites may be accessed or not the principle is always the same and little to do with a browser’s own settings : you’re on a site, that site calls one/several other sites, some calls as mentioned in the article are required, some may be blocked, others should be blocked. The idea is that if you don’t let the jackass in you won’t have to kick him out, not to mention what the jackass does before he’s ejected (and what more even when not boxed to the exit, when we know some users who never clear their history, cookies, cache…).

  11. Anonymous said on February 9, 2018 at 1:14 pm
    Reply

    uMatrix and uBlock make quite a lot of internet connection. Adblock filters are automatically download when you start the browser.

    1. gorhill said on February 10, 2018 at 2:07 pm
      Reply

      > uMatrix and uBlock make quite a lot of internet connection. Adblock filters are automatically download when you start the browser.

      False.

      A filter list is downloaded only when ALL the following conditions are true:

      – A filter list in use is out of date
      – Auto-update is enabled
      – More than 5 minutes has elapsed AFTER the extension has launched

      The 5+ minutes period above before auto-update kicks in gives time for a user to disable auto-update if they wish.

      Filter lists selected by default are shipped with the extensions, so *even* at first install time uBO typically does not connect to any remote server — the only exception is when uBO auto-selects one of the regional filter lists because these are not shipped with the package.

      After first install, uBO/uMatrix never connects to remote server at browser launch time, as per above points.

      So the statement “lot of internet connection” and “automatically download when you start the browser” are downright false and amount to nothing more than FUD.

      1. A_surprise_to_be_sure said on February 11, 2018 at 12:29 pm
        Reply

        Speaking of the devil haha

        Appreciate the good work lad.

    2. Tom Hawack said on February 9, 2018 at 8:00 pm
      Reply

      Avon calling :

      “uBO / Dashboard / 3rd-party filters / Auto-update filter lists [Check/Uncheck]
      If unchecked, remember to update the lists manually : 1- Purge all caches, 2- Update now.”

      1. Anonymous said on February 10, 2018 at 12:14 am
        Reply

        Install Wireshark and look closely.

        1. Don’t select anything(zero list)
        2. Add http://localhost/mylist.txt
        3. Update it

        You should ‘only’ see a connection to localhost, but uBlock/Matrix is sending some request to different servers.

      2. gorhill said on February 10, 2018 at 2:22 pm
        Reply

        > You should ‘only’ see a connection to localhost, but uBlock/Matrix is sending some request to different servers.

        uBO/uMatrix also need to update assets.json[1] (hosted on GitHub) and the Public Suffix List (hosted at Mozilla’s publicsuffix.org) when these are deemed out of date and you force an update. This is the “other related assets” in uBO/uMatrix’s privacy policy[2].

        These are deemed out of date after a much longer time than filter lists, and they respect the auto-update setting.The connections occurred because you forced an update of the assets and these assets were out of date.

        If your intention was not to spread FUD, you would detail exactly what you saw instead of vague “some request to different servers”.

        [1] https://github.com/gorhill/uBlock/blob/master/assets/assets.json
        [2] https://github.com/gorhill/uBlock/wiki/Privacy-policy

      3. Yea said on February 12, 2018 at 5:46 pm
        Reply

        Thanks for clearing that up gorhill!

      4. Anonymous said on February 11, 2018 at 12:01 pm
        Reply

        Yo gorhill.

        “uBlock Origin connects to a remote server is to update the filter lists and other related assets”
        https://github.com/gorhill/uBlock/wiki/Privacy-policy

        You need to explain more. And you should stop yelling FUD FUD FUD.

      5. Tom Hawack said on February 11, 2018 at 12:47 pm
        Reply

        Your behavior is being cheap, Anonymous, when Gorhill is so honest that he took the time to explain how he first perceived your comment then how he understood what you were trying to get to. Because Gorhill explained what your approximations failed to do doesn’t mean you’re entitled, little anonymous guy, to take things from high, that is a cheap attitude.

    3. Paul's Dad. said on February 9, 2018 at 5:57 pm
      Reply

      You can disable it with three clicks

      1. Anonymous said on February 9, 2018 at 7:07 pm
        Reply

        Plot twist, it’s actually four clicks!

    4. Anonymous said on February 9, 2018 at 4:58 pm
      Reply

      you can disable that in 3 clicks

    5. zqwe said on February 9, 2018 at 4:13 pm
      Reply

      You can disable that with just three clicks.

  12. Grindelin said on February 9, 2018 at 12:36 pm
    Reply

    uMatrix is sending greetings. Nothing new here.
    Why isn’t that even mentioned? There is no doubt this is the best 3P/script blocker so far

    1. Gary D said on February 9, 2018 at 8:30 pm
      Reply

      @ Grindelin

      Martin blogged “A uMatrix guide for Firefox” on November 28, 2017.

      Show some initiative and type “umatrix” into the search box at the top of the page.

    2. Xmetal said on February 9, 2018 at 8:02 pm
      Reply

      I am a Gorhill (,Raymond) addon fan myself but I am always a fan of alternatives being mentioned. :) not everyone likes the same exact programs/program addons

      1. Tom Hawack said on February 9, 2018 at 8:13 pm
        Reply

        Diversity, pluralism is a necessary condition of evolution and progress. Not sufficient though :=)

    3. Harushi said on February 9, 2018 at 2:50 pm
      Reply

      Because this article is about 3P Request Blocker , not uMatrix

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.