1
0
mirror of https://github.com/kkapsner/CanvasBlocker synced 2024-11-09 22:58:52 +01:00
CanvasBlocker/test/sendFingerprintTest.html

114 lines
3.0 KiB
HTML
Raw Normal View History

<html>
<body>
<div id="log"></div>
<form id="form" method="POST" action="https://bounce.kkapsner.de/requestDetails.php"">
<input name="internalId" value="id to be used to link the requests">
<textarea style="display: block;" name="fingerprint"></textarea>
<button>submit</button>
</form>
<script>
const origin = "iframe";
function draw(canvas){
"use strict";
canvas.setAttribute("width", 220);
canvas.setAttribute("height", 30);
2019-12-16 19:27:28 +01:00
const fp_text = "BrowserLeaks,com <canvas> 10";
2019-12-16 19:27:28 +01:00
const ctx = canvas.getContext("2d");
ctx.textBaseline = "top";
ctx.font = "14px 'Arial'";
ctx.textBaseline = "alphabetic";
ctx.fillStyle = "#f60";
ctx.fillRect(125, 1, 62, 20);
ctx.fillStyle = "#069";
ctx.fillText(fp_text, 2, 15);
ctx.fillStyle = "rgba(102, 204, 0, 07)";
ctx.fillText(fp_text, 4, 17);
return ctx;
}
function topTest(){
"use strict";
// create window canvas
2019-12-16 19:27:28 +01:00
const canvas = document.createElement("canvas");
// draw image in window canvas
2019-12-16 19:27:28 +01:00
const ctx = draw(canvas);
return {
imageData: ctx.getImageData(0, 0, canvas.width, canvas.height),
url: canvas.toDataURL(),
isPointInPath: getIsPointInPath(ctx)
};
}
function getIsPointInPath(ctx){
"use strict";
ctx.beginPath();
ctx.moveTo(20, 19);
ctx.lineTo(40, 19);
ctx.lineTo(30, 30);
ctx.closePath();
ctx.stroke();
return ctx.isPointInPath(30, 19);
2019-11-30 02:05:37 +01:00
}
function hashToString(hash){
2019-11-30 02:05:37 +01:00
"use strict";
2019-12-16 19:27:28 +01:00
const chunks = [];
(new Uint32Array(hash)).forEach(function(num){
chunks.push(num.toString(16));
});
return chunks.map(function(chunk){
return "0".repeat(8 - chunk.length) + chunk;
}).join("");
}
2019-12-16 19:27:28 +01:00
const send = function(){
2019-11-30 02:05:37 +01:00
"use strict";
2019-12-16 19:27:28 +01:00
return async function send(form, {url, imageData, isPointInPath}){
const buffer = new TextEncoder("utf-8").encode(url);
const hashes = await Promise.all([
2019-11-30 02:05:37 +01:00
crypto.subtle.digest("SHA-256", buffer),
crypto.subtle.digest("SHA-256", imageData.data)
2019-12-16 19:27:28 +01:00
]);
const data = JSON.stringify({
2020-01-06 15:07:58 +01:00
origin,
2019-12-16 19:27:28 +01:00
urlHash: hashToString(hashes[0]),
imageDataHash: hashToString(hashes[1]),
isPointInPath
}, null, "\t");
form.fingerprint.value = data;
const xhr = new XMLHttpRequest();
xhr.open("POST", form.action, true);
xhr.onreadystatechange = function(){
if (this.readyState === 4){
const status = this.status;
if (status === 200 || status === 304) {
console.log("Sending xhr successful from", origin, ":", data);
}
2019-12-16 19:27:28 +01:00
else {
console.log("Sending xhr failed:", this);
}
}
};
xhr.send(new FormData(form));
window.setTimeout(function(){
form.submit();
window.setTimeout(
function(){
document.getElementById("log").textContent =
"You see the real canvas fingerprint, but it cannot leak from this iFrame.";
},
250
);
}, 1000);
2019-11-30 02:05:37 +01:00
};
}();
send(document.getElementById("form"), topTest());
</script>
</body>
</html>