1
0
mirror of https://github.com/kkapsner/CanvasBlocker synced 2024-11-12 16:18:53 +01:00
Go to file
2016-02-13 12:55:34 +01:00
addon description Updated description files. 2015-09-10 17:30:29 +02:00
data e10s ready! 2016-02-13 12:28:36 +01:00
doc Initial Commit 2014-07-31 03:05:51 +02:00
lib Changes for release submission. 2016-02-13 12:55:34 +01:00
locale Switch to jpm. 2016-01-29 00:07:41 +01:00
test e10s ready! 2016-02-13 12:28:36 +01:00
.gitattributes 💥🐫 Added .gitattributes 2014-07-31 03:04:18 +02:00
.gitignore First beta 2014-08-05 14:36:05 +02:00
.jpmignore Added JPM support 2015-05-15 00:31:44 +02:00
AllowIcon.png Separated invisible and visible canvas asking 2014-08-17 23:32:23 +02:00
AskIcon.png Separated invisible and visible canvas asking 2014-08-17 23:32:23 +02:00
CanvasBlocker@kkapsner.de-0.3.0-Release.xpi Changes for release submission. 2016-02-13 12:55:34 +01:00
Icon.png First beta 2014-08-05 14:36:05 +02:00
LICENSE.txt Added MPL 2015-01-16 13:05:40 +01:00
locales.json Switch to jpm. 2016-01-29 00:07:41 +01:00
package.json Changes for release submission. 2016-02-13 12:55:34 +01:00
README.md Version 0.2.2 2015-12-07 16:42:03 +01:00
Settings.png Next version number (0.1.5) 2014-12-16 11:37:45 +01:00

This add-on allows users to prevent websites from using the Javascript <canvas> API to fingerprint them. Users can choose to block the <canvas> API entirely on some or all websites (which may break some websites) or just block or fake its fingerprinting-friendly readout API. More information on <canvas> fingerprinting can be found at http://www.browserleaks.com/canvas.

The different block modes are:

  • block readout API: All websites not on the white list or black list can use the <canvas> API to display something on the page, but the readout API is not allowed to return values to the website.
  • fake readout API: Canvas Blocker's default setting, and my favorite! All websites not on the white list or black list can use the <canvas> API to display something on the page, but the readout API is forced to return a new random value each time it is called.
  • ask for readout API permission: All websites not on the white list or black list can use the <canvas> API to display something on the page, but the user will be asked if the website should be allowed to use the readout API each time it is called.
  • block everything: Ignore all lists and block the <canvas> API on all websites.
  • allow only white list: Only websites in the white list are allowed to use the <canvas> API.
  • ask for permission: If a website is not listed on the white list or black list, the user will be asked if the website should be allowed to use the <canvas> API each time it is called.
  • block only black list: Block the <canvas> API only for websites on the black list.
  • allow everything: Ignore all lists and allow the <canvas> API on all websites.

At present, only my domain (kkapsner.de) is whitelisted by default.