Hi, I don't know if this is really a bug or something I don't understand about how RP works.

How to reproduce:

• Default policy: deny
• Go to some site that requests ajax.googleapis.com (eg. https://ouich.es/) and set RP to Block all requests to *.ajax.googleapis.com (this domain is now marked as blocked everywhere - aka I don't trust this domain)
• Go to https://www.commitlogsfromlastnight.com/, where ajax.googleapis.com is also required (now marked as blocked with the do-not-enter icon in RP menu)
• Try to add an exception for this site (eg. I don't trust ajax.googleapis.com but allow it from this site) by clicking Allow requests from *.commitlogsfromlast.com to *.ajax.googleapis.com

What happens:
ajax.googleapis.com is still blocked from this domain (with a question mark), the only action available for it is now Stop blocking requests to *.ajax.googleapis.com.

What's expected:
requests to ajax.googleapis.com should be allowed from this domain (the new, domain-specific rule takes precedence over the global one set previously). The menu should display stop allowing requests from *.commitlogsfromlastnight.com to *.ajax.googleapis.com in addition to the action that removes the global policy. (which does not apply from this domain since you've set an exception)