security-and-privacy/CanvasBlocker
security-and-privacy
/
CanvasBlocker
mirror of https://github.com/kkapsner/CanvasBlocker
1
0
Fork 0
Code Releases Activity
712 Commits 81 Branches 113 Tags 12 MiB
JavaScript 87.4%
HTML 6%
CSS 4.1%
PHP 2.5%
Go to file
kkapsner 61101a26a6 Changes for release submission 2019-05-31 12:12:37 +02:00
.documentation Update description.txt 2019-05-17 11:19:35 +00:00
.github Improved issue template 2017-12-17 12:00:09 +01:00
.tools Moved i18n to extension module 2019-04-09 08:29:52 +02:00
.vscode Adjusted protection for document.write and document.writeln 2019-05-29 14:22:52 +02:00
_locales Confirm messages were broken in Firefox 67 2019-05-31 01:10:13 +02:00
browserAction Unified action pages and fixed display issues 2019-05-03 23:17:35 +02:00
icons Added whitelist inspection 2019-05-04 01:12:45 +02:00
lib Confirm messages were broken in Firefox 67 2019-05-31 01:10:13 +02:00
options Confirm messages were broken in Firefox 67 2019-05-31 01:10:13 +02:00
pageAction Merge branch 'WhitelistAPISpecific' 2019-05-04 01:14:04 +02:00
test Adjusted protection for document.write and document.writeln 2019-05-29 14:22:52 +02:00
themes Fixed collision with "arrow" in select. 2019-05-04 01:17:46 +02:00
.eslintrc.json Linting 2019-01-24 15:43:20 +01:00
.gitattributes 💥🐫 Added .gitattributes 2014-07-31 03:04:18 +02:00
.gitignore Updated gitignore 2017-12-19 23:56:07 +01:00
LICENSE.txt Added MPL 2015-01-16 13:05:40 +01:00
README.md Added bitcoin cash address 2019-05-29 20:17:18 +02:00
canvasblocker.xpi Changes for release submission 2019-05-31 12:12:37 +02:00
manifest.json Server-site navigator protection did not respect whitelisting 2019-05-30 12:43:47 +02:00
releaseNotes.txt Confirm messages were broken in Firefox 67 2019-05-31 01:10:13 +02:00

README.md

This add-on allows users to prevent websites from using some Javascript APIs to fingerprint them. Users can choose to block the APIs entirely on some or all websites (which may break some websites) or just block or fake its fingerprinting-friendly readout API.

IMPORTANT: you should only have ONE addon/setting set that protects an API. Otherwise you could face massive performance issues. (E.g. EclipsedMoon for Palemoon has 'canvas.poison' which is known to cause issues: https://github.com/kkapsner/CanvasBlocker/issues/253#issuecomment-459499290) But setting privacy.resistFingerprinting to true is fine.

More information on fingerprinting can be found at:

The different block modes are:

  • fake: Canvas Blocker's default setting, and my favorite! All websites not on the white list or black list can use the protected APIs. But values obtained by the APIs are altered so that a consistent fingerprinting is not possible
  • ask for permission: If a website is not listed on the white list or black list, the user will be asked if the website should be allowed to use the protected APIs each time they are called.
  • block everything: Ignore all lists and block the protected APIs on all websites.
  • allow only white list: Only websites in the white list are allowed to use the protected APIs.
  • block only black list: Block the protected APIs only for websites on the black list.
  • allow everything: Ignore all lists and allow the protected APIs on all websites.

Protected "fingerprinting" APIs:

  • canvas 2d
  • webGL
  • audio
  • history
  • window (disabled by default)
  • DOMRect
  • navigator (disabled by default)

Special thanks to:

  • spodermenpls for finding all the typos
  • Thorin-Oakenpants for the icon idea
  • anthologist and unbranched for the Italian translation
  • Maleficient for the French translation
  • yfdyh000 for the Chinese translation
  • micrococo for the Spanish translation
  • STim99 for the Russian translation

If you want to support this addon you can donate to the following addresses:

  • bitcoin: 159Y9BLcfHyrp6wj6f3syEuk92xkRVTiie
  • bitcoin cash:qrchnszkdwv9knhg9wjucrqy43rpl4klkq7jhkc8dz
  • monero: 482QYZaagALWtPmwbptwBaexDYmcVsJrhJp2VVjTgjYA3Kk1YyMdSg9Wz2qz1Gh31E843PFVCDWS4hR4Bjf6ipWuB9iz2cs