CanvasBlocker

mirror of https://github.com/kkapsner/CanvasBlocker synced 2024-12-22 12:50:36 +01:00

Go to file

kkapsner 83efac5e49 Added protection for window.name and window.opener

As requested by #231.

But this protection is disabled by default.

2018-08-27 00:33:39 +02:00

_locales

Added protection for window.name and window.opener

2018-08-27 00:33:39 +02:00

.documentation

Added protection for window.name and window.opener

2018-08-27 00:33:39 +02:00

.github

Improved issue template

2017-12-17 12:00:09 +01:00

.vscode

Spell checking.

2018-08-26 23:13:23 +02:00

browserAction

Fixed default theme

2018-08-21 23:25:57 +02:00

icons

Added highlighting options for notification icons

2018-08-20 21:48:05 +02:00

lib

Added protection for window.name and window.opener

2018-08-27 00:33:39 +02:00

options

Added protection for window.name and window.opener

2018-08-27 00:33:39 +02:00

pageAction

Added option to ignore APIs

2018-08-24 19:39:34 +02:00

test

Added protection for window.name and window.opener

2018-08-27 00:33:39 +02:00

.eslintrc.json

Centralized settings management

2017-11-07 00:36:44 +01:00

.gitattributes

💥🐫 Added .gitattributes

2014-07-31 03:04:18 +02:00

.gitignore

Updated gitignore

2017-12-19 23:56:07 +01:00

LICENSE.txt

Added MPL

2015-01-16 13:05:40 +01:00

manifest.json

Added protection for window.name and window.opener

2018-08-27 00:33:39 +02:00

README.md

Updare README

2018-08-21 22:01:31 +02:00

releaseNotes.txt

Added protection for window.name and window.opener

2018-08-27 00:33:39 +02:00

README.md

This add-on allows users to prevent websites from using the Javascript <canvas> API to fingerprint them. Users can choose to block the <canvas> API entirely on some or all websites (which may break some websites) or just block or fake its fingerprinting-friendly readout API. More information on <canvas> fingerprinting can be found at http://www.browserleaks.com/canvas.

The different block modes are:

block readout API: All websites not on the white list or black list can use the <canvas> API to display something on the page, but the readout API is not allowed to return values to the website.
fake readout API: Canvas Blocker's default setting, and my favorite! All websites not on the white list or black list can use the <canvas> API to display something on the page, but the readout API is forced to return a new random value each time it is called.
fake at input: on display of text the drawn pixels get modified slightly. This makes the detection of the add-on harder but is less secure. On WebGL-canvas the behaviour is identical to "fake readout API".
ask for readout API permission: All websites not on the white list or black list can use the <canvas> API to display something on the page, but the user will be asked if the website should be allowed to use the readout API each time it is called.
block everything: Ignore all lists and block the <canvas> API on all websites.
allow only white list: Only websites in the white list are allowed to use the <canvas> API.
ask for permission: If a website is not listed on the white list or black list, the user will be asked if the website should be allowed to use the <canvas> API each time it is called.
block only black list: Block the <canvas> API only for websites on the black list.
allow everything: Ignore all lists and allow the <canvas> API on all websites.

Special thanks to:

spodermenpls for finding all the typos
Thorin-Oakenpants for the icon idea
anthologist for the Italian translation
Maleficient for the French translation
yfdyh000 for the Chinese translation

If you want to support this addon you can donate to the following bitcoin address: 159Y9BLcfHyrp6wj6f3syEuk92xkRVTiie