mirror of
https://github.com/kkapsner/CanvasBlocker
synced 2024-10-31 18:38:45 +01:00
b614b84b5f
Fixes #544
677 lines
22 KiB
Plaintext
677 lines
22 KiB
Plaintext
Version 1.6:
|
|
changes:
|
|
- periodical persistent rnd clearing does not clear in active tabs
|
|
- added paypal.com to the convenience preset
|
|
- improved whitelist inspection
|
|
|
|
new features:
|
|
- try to not break tabs when updating
|
|
- setting to postpone updates until browser restart or extension is reloaded
|
|
|
|
fixes:
|
|
- fix message canvasBlocker-unload
|
|
- convenience preset did not work properly
|
|
- random supply was not set properly on a fresh new tab
|
|
|
|
known issues:
|
|
- if a data URL is blocked the page action button does not appear
|
|
|
|
Version 1.5:
|
|
new features:
|
|
- added {empty}, {false} and {undefined} to webGL preference parameters (i.e. VENDOR, RENDERER, UNMASKED_VENDOR_WEBGL and UNMASKED_RENDERER_WEBGL)
|
|
- added {disabled} to UNMASKED_VENDOR_WEBGL and UNMASKED_RENDERER_WEBGL to disabled the WEBGL_debug_renderer_info extension
|
|
- improved performance for protected canvas part "input"
|
|
|
|
fixes:
|
|
- protection of DOM manipulations on unloaded windows may break websites
|
|
|
|
known issues:
|
|
- if a data URL is blocked the page action button does not appear
|
|
|
|
Version 1.4:
|
|
changes:
|
|
- updated DOMRect protection
|
|
|
|
new features:
|
|
- new translations
|
|
|
|
fixes:
|
|
- Fix stuck Fenix
|
|
|
|
known issues:
|
|
- if a data URL is blocked the page action button does not appear
|
|
|
|
Version 1.3:
|
|
changes:
|
|
- added canvas cache to isPointInPath and isPointInStroke
|
|
|
|
new features:
|
|
- added link to FAQ
|
|
- added offscreen canvas protection
|
|
- new translations
|
|
|
|
known issues:
|
|
- if a data URL is blocked the page action button does not appear
|
|
|
|
Version 1.2:
|
|
changes:
|
|
- removed unnecessary activeTab permission
|
|
- always open options page in new tab
|
|
|
|
new features:
|
|
- added warning if some features of a API are disabled
|
|
- added TextMetrics protection
|
|
|
|
known issues:
|
|
- if a data URL is blocked the page action button does not appear
|
|
|
|
Version 1.1:
|
|
new features:
|
|
- added notice for privacy.resistFingerprinting
|
|
- added container specific navigator settings
|
|
|
|
fixes:
|
|
- error when exporting function with name "top"
|
|
- tabs opened with window.open broke when the parent tab was reloaded/closed
|
|
- importing settings file with an very old storage version did not work at all
|
|
|
|
known issues:
|
|
- if a data URL is blocked the page action button does not appear
|
|
|
|
Version 1.0:
|
|
changes:
|
|
- improved storage of protected API features
|
|
- code cleanup
|
|
- added mail.google.com to the convenience preset
|
|
- added reCAPTCHA preset
|
|
- the reCAPTCHA whitelisting entry is changed to "allow window.name in frames"
|
|
|
|
new features:
|
|
- added screen protection
|
|
- added default values for mobile
|
|
|
|
fixes:
|
|
- background color of the textarea in the settings export was not readable in the dark theme when the value was invalid
|
|
- settings sanitation: added missing APIs
|
|
- navigator.oscpu and navigator.buildID are undefined in non Gecko browsers
|
|
- resetting the settings had undesired side effects
|
|
- added window.open protection
|
|
- cross origin DOM manipulations
|
|
- window.name protection was detectable
|
|
- importing settings file with an older storage version did not work properly
|
|
- fields hosted on braintree not working when window API was protected
|
|
|
|
known issues:
|
|
- if a data URL is blocked the page action button does not appear
|
|
|
|
Version 0.5.14:
|
|
changes:
|
|
- reevaluated logging message levels
|
|
|
|
new features:
|
|
- remove iframe protection from whitelisted pages
|
|
- added protection for getParameter (webGL)
|
|
|
|
fixes:
|
|
- improved option pages on mobile
|
|
|
|
known issues:
|
|
- if a data URL is blocked the page action button does not appear
|
|
|
|
Version 0.5.13:
|
|
new features:
|
|
- added setting presets
|
|
|
|
fixes:
|
|
- display of url specific settings did not work properly
|
|
|
|
known issues:
|
|
- if a data URL is blocked the page action button does not appear
|
|
|
|
Version 0.5.12:
|
|
changes:
|
|
- rearranged some settings
|
|
|
|
new features:
|
|
- enabled whitelisting of local files
|
|
- added tabs in options page
|
|
|
|
fixes:
|
|
- detect when browser.contextualIdentities.onRemoved is not supported
|
|
|
|
known issues:
|
|
- if a data URL is blocked the page action button does not appear
|
|
|
|
Version 0.5.11:
|
|
new features:
|
|
- added auto update for beta versions
|
|
- options: made sections collapsible
|
|
- clear persistent rng data if a container is deleted
|
|
- added tool to clear persistent rng for a specific container
|
|
|
|
fixes:
|
|
- improved protection of (i)frame properties
|
|
- document.write and document.writeln protection broke pages
|
|
- race condition causes persistent rnd separation between containers to leak
|
|
|
|
known issues:
|
|
- if a data URL is blocked the page action button does not appear
|
|
|
|
Version 0.5.10:
|
|
changes:
|
|
- min version is now 57 to remove the amount of warnings on submission
|
|
|
|
new features:
|
|
- added date and time to the settings export file
|
|
- persistent rng is no longer shared between containers (different cookieStoreId)
|
|
|
|
fixes:
|
|
- setter for innerHTML broke pages
|
|
- protection for document.write and document.writeln broke in Firefox 69
|
|
- not connected iFrame threw error with persistent rng
|
|
- detection over document.write and document.writeln was possible
|
|
- google docs were broken in Waterfox
|
|
- MutationObserver failed in some instances
|
|
- server-site navigator protection did not respect whitelisting
|
|
- confirm messages were broken in Firefox 67
|
|
|
|
known issues:
|
|
- if a data URL is blocked the page action button does not appear
|
|
|
|
Version 0.5.9:
|
|
changes:
|
|
- code cleanup
|
|
- made history length threshold url specific
|
|
- made navigator protection url specific
|
|
- uniform themes
|
|
- simplified the "display hidden settings" UI
|
|
|
|
new features:
|
|
- added protection for navigator properties
|
|
- added support to import older storage versions
|
|
- protection for data URLs can now be url specific
|
|
- changed input of lists to textarea
|
|
- added option to protect no part of the canvas API
|
|
- apply themes to all extension pages (options, page action, browser action, setting sanitation, setting inspection, navigator settings)
|
|
- theme for automatic detection of dark mode (only works with Firefox >= 67)
|
|
- within the page action the used API can be whitelisted alone
|
|
- added overview page for whitelist
|
|
|
|
fixes:
|
|
- search could show hidden settings
|
|
- faking audio did not work with white random generator
|
|
- enabled copying from settings description when they are "hidden"
|
|
- fixed description for "show notifications"
|
|
- improved DOMRect performance
|
|
- improved general performance when stack list is disabled
|
|
- preventing double interception (increased performance and reduced detectability)
|
|
- detection over navigator and DOMRect getters was possible
|
|
- audio cache could break readout
|
|
- improved iFrame protection
|
|
- SOP detection did not work all the time
|
|
|
|
known issues:
|
|
- if a data URL is blocked the page action button does not appear
|
|
|
|
Version 0.5.8:
|
|
changes:
|
|
- audio faking will not alter buffers with only zero values
|
|
|
|
new features:
|
|
- added combined cache for getChannelData and copyFromChannel:
|
|
- better performance
|
|
- prevent double faking => prevent detection
|
|
|
|
fixes:
|
|
- after reset the hidden settings and expanded views were not reset
|
|
- audio cache did not work properly
|
|
|
|
known issues:
|
|
- if a data URL is blocked the page action button does not appear
|
|
|
|
Version 0.5.7:
|
|
changes:
|
|
- reset settings no longer only available in expert mode
|
|
|
|
fixes:
|
|
- protection for history length did not work
|
|
|
|
known issues:
|
|
- if a data URL is blocked the page action button does not appear
|
|
|
|
Version 0.5.6:
|
|
changes:
|
|
- removed *Readout and *Input block modes (use protectedCanvasPart instead)
|
|
|
|
new features:
|
|
- options gui improvements
|
|
- url specific values can be added by hitting enter in the input
|
|
- highlight "hide" icon when "tabbing" to it
|
|
- made url specific values manageable with "tabbing"
|
|
- added setting "protected canvas part" to decouple block mode from part
|
|
- added "share persistent randomness between domains"
|
|
|
|
fixes:
|
|
- constant rng did not work properly when protecting input
|
|
- some display inconsistencies
|
|
- optional parameter on isPointInPath and isPointInStroke were broken
|
|
|
|
known issues:
|
|
- if a data URL is blocked the page action button does not appear
|
|
|
|
Version 0.5.5:
|
|
changes:
|
|
- DOMRect uses double cache (value and complete DOMRect)
|
|
|
|
new features:
|
|
- added settings sanitation page
|
|
- added search field to browser action popup
|
|
|
|
fixes:
|
|
- Google images did not work for some users
|
|
- page action was not showing on Firefox Android
|
|
- wrong content script does no longer trigger the settings load forcing
|
|
|
|
known issues:
|
|
- if a data URL is blocked the page action button does not appear
|
|
|
|
Version 0.5.4:
|
|
changes:
|
|
- converted "API whitelist" to "protected API features" (automatic settings migration)
|
|
- notification details are not stored by default
|
|
- settings page reorganized
|
|
- audio API notifies on every call
|
|
- made audio cache url specific
|
|
|
|
new features:
|
|
- added save/load directly to/from file option
|
|
- added protection for DOMRect (getClientRects)
|
|
- added setting to control if notification details should be stored
|
|
- state of the arrow for url specific values is saved
|
|
- browser action icon gets grayed out if the page is whitelisted
|
|
- added search to options page
|
|
|
|
fixes:
|
|
- window and audio API were always blocked when using any of the "block ..." modes
|
|
- canvas content was not stored to be displayed when wanted
|
|
- hovering over toolbar icon created error in the browser console
|
|
- canvas content was not shown in ask mode any more
|
|
|
|
known issues:
|
|
- if a data URL is blocked the page action button does not appear
|
|
|
|
Version 0.5.3:
|
|
changes:
|
|
- removed active support for Firefox < 60
|
|
- maximal 250 notifications per domain and type will be rendered
|
|
|
|
new features:
|
|
- display version in options page
|
|
- added link to open options page in separate tab
|
|
- added option "Don't show again on update." for options page
|
|
- added option to highlight page action icon
|
|
- added option to control browser action icon on notifications
|
|
- added theme for browser and page action popup
|
|
- added badge
|
|
- added option to ignore APIs
|
|
- added protection for history length
|
|
- added protection for window name and opener
|
|
|
|
fixes:
|
|
- CSP did not work properly for worker-src
|
|
- detection if the options page was displayed in a separate tab did not work reliably
|
|
- popup text not readable in some dark themes
|
|
- display conditions for notification settings
|
|
- page action not useable with a lot of notifications
|
|
- blocking of blob-worker broke some pages
|
|
|
|
known issues:
|
|
- if a data URL is blocked the page action button does not appear
|
|
|
|
Version 0.5.2b:
|
|
known issues:
|
|
- force setting loadings may result in non working plugins or not opening direct image links. Use 0.5.2a instead or use Firefox >= 59 which provides the required API to solve this issue once and for all
|
|
|
|
changes:
|
|
- if settings are not loaded fast enough the loading is forced
|
|
|
|
Version 0.5.2a:
|
|
known issues:
|
|
- due to API blocking some web pages may break. Use 0.5.2b instead.
|
|
|
|
changes:
|
|
- if settings are not loaded fast enough the loading is not forced but all APIs are blocked
|
|
|
|
Version 0.5.2:
|
|
new features:
|
|
- separate persistent random numbers for incognito windows
|
|
(resets when closing all incognito windows - like cookies do)
|
|
- added toolbar icon
|
|
|
|
fixes:
|
|
- optimized CSP
|
|
- in Firefox ESR (52) iFrames with a blob-URL cannot be protected -> they have to be blocked there as well
|
|
- broken when using with Random Agent Spoofer
|
|
|
|
known issues:
|
|
- if a data URL is blocked the page action button does not appear
|
|
|
|
Version 0.5.1.1b:
|
|
known issues:
|
|
- force setting loadings may result in non working plugins or not opening direct image links. Use 0.5.1.1a instead or use Firefox >= 59 which provides the required API to solve this issue once and for all
|
|
|
|
changes:
|
|
- if settings are not loaded fast enough the loading is forced
|
|
|
|
Version 0.5.1.1a:
|
|
known issues:
|
|
- due to API blocking some web pages may break. Use 0.5.1.1b instead.
|
|
|
|
changes:
|
|
- if settings are not loaded fast enough the loading is not forced but all APIs are blocked
|
|
|
|
Version 0.5.1.1:
|
|
fixes:
|
|
- blocking blob: scheme broke some pages unnecessarily
|
|
|
|
Version 0.5.1b:
|
|
known issues:
|
|
- force setting loadings may result in non working plugins or not opening direct image links. Use 0.5.1a instead or use Firefox >= 59 which provides the required API to solve this issue once and for all
|
|
|
|
changes:
|
|
- if settings are not loaded fast enough the loading is forced
|
|
|
|
Version 0.5.1a:
|
|
known issues:
|
|
- due to API blocking some web pages may break. Use 0.5.1b instead.
|
|
|
|
changes:
|
|
- if settings are not loaded fast enough the loading is not forced but all APIs are blocked
|
|
|
|
Version 0.5.1:
|
|
changes:
|
|
- instead of blocking requests from data URLs they are blocked themselves
|
|
|
|
new features:
|
|
- new setting: session white list that is cleared on addon load (= browser start)
|
|
|
|
fixes:
|
|
- Changes made in the page action were not saved in all Firefox versions
|
|
- Blocking requests data URLs blocked too much
|
|
|
|
known issues:
|
|
- if a data URL is blocked the page action button does not appear
|
|
|
|
Version 0.5.0.1b:
|
|
known issues:
|
|
- force setting loadings may result in non working plugins or not opening direct image links. Use 0.5.0a instead or use Firefox >= 59 which provides the required API to solve this issue once and for all
|
|
|
|
changes:
|
|
- if settings are not loaded fast enough the loading is forced
|
|
|
|
Version 0.5.0a:
|
|
known issues:
|
|
- due to API blocking some web pages may break. Use 0.5.0.1b instead.
|
|
|
|
changes:
|
|
- if settings are not loaded fast enough the loading is not forced but all APIs are blocked
|
|
|
|
Version 0.5.0:
|
|
changes:
|
|
- Changes in the random supply API
|
|
- Added grouping to API white list
|
|
- Show page action when API is blocked
|
|
|
|
new features:
|
|
- Can protect Audio API
|
|
- Settings can be hidden
|
|
|
|
fixes:
|
|
- make function replacements not detectable
|
|
- "protect" data URL pages by blocking all requests from them
|
|
|
|
removed fixes:
|
|
- display of about:blank broken in Waterfox
|
|
reason: it should help protect data URL pages in the future
|
|
|
|
known issues:
|
|
- if a data URL request is blocked the page action button appears but shows no content
|
|
|
|
Version 0.4.5c:
|
|
new features:
|
|
- Added setting to whitelist parts of the canvas API
|
|
|
|
fixes:
|
|
- respect resistFingerPrinting setting in isPointInPath and isPointInStroke
|
|
|
|
Version 0.4.5b:
|
|
known issues:
|
|
- force setting loadings may result in non working plugins or not opening direct image links. Use 0.4.4a instead or use Firefox >= 59 which provides the required API to solve this issue once and for all
|
|
|
|
changes:
|
|
- if settings are not loaded fast enough the loading is forced
|
|
|
|
Version 0.4.5a:
|
|
known issues:
|
|
- due to API blocking some web pages may break. Use 0.4.5b instead.
|
|
|
|
changes:
|
|
- if settings are not loaded fast enough the loading is not forced but all APIs are blocked
|
|
|
|
Version 0.4.5:
|
|
changes:
|
|
- added isPointInPath and isPointInStroke to the readout-API list
|
|
|
|
new features:
|
|
- Options page can be opened from page action
|
|
- Added way to inspect canvas content in ask mode while being asked
|
|
- Open options page on install or update if the options page cannot be accessed in another way
|
|
- Added sections in options
|
|
|
|
fixes:
|
|
- long clearing periods did not work
|
|
- prevent possible double faking
|
|
- asking did not work in some cases (auto deny)
|
|
|
|
Version 0.4.4b:
|
|
known issues:
|
|
- force setting loadings may result in non working plugins or not opening direct image links. Use 0.4.4a instead or wait for Firefox 59 which provides the required API to solve this issue once and for all
|
|
|
|
changes:
|
|
- if settings are not loaded fast enough the loading is forced
|
|
|
|
Version 0.4.4a:
|
|
known issues:
|
|
- due to API blocking some web pages may break. Use 0.4.4 instead.
|
|
|
|
changes:
|
|
- if settings are not loaded fast enough the loading is not forced but all APIs are blocked
|
|
|
|
Version 0.4.4:
|
|
known issues:
|
|
- force setting loadings may result in non working plugins or not opening direct image links. Use 0.4.3a instead or wait for Firefox 59 which provides the required API to solve this issue once and for all
|
|
|
|
changes:
|
|
- show white, black and ignore list again, but only in expert mode
|
|
|
|
fixes:
|
|
- Firefox consumed 100% CPU and could not be closed
|
|
- Unknown setting breaks Firefox completely
|
|
|
|
Version 0.4.3c:
|
|
known issues:
|
|
- force setting loadings may result in non working plugins or not opening direct image links. Use 0.4.3a instead or wait for Firefox 59 which provides the required API to solve this issue once and for all
|
|
|
|
fixes:
|
|
- display of about:blank broken in Waterfox
|
|
- pinned tabs were not loaded and JS not executed in some cases
|
|
|
|
Version 0.4.3b:
|
|
known issues:
|
|
- force setting loadings may result in non working plugins or not opening direct image links. Use 0.4.3a instead or wait for Firefox 59 which provides the required API to solve this issue once and for all
|
|
|
|
changes:
|
|
- if settings are not loaded fast enough the loading is forced
|
|
|
|
Version 0.4.3a:
|
|
known issues:
|
|
- due to API blocking some web pages may break. Use 0.4.3b instead.
|
|
|
|
changes:
|
|
- hide white, black and ignore list as they can be done with the url specific settings. They are still present and working in the background.
|
|
- if settings are not loaded fast enough the loading is not forced but all APIs are blocked
|
|
|
|
new features:
|
|
- reset settings
|
|
- new white random generator - creates output similar to Tor browser
|
|
- blockMode and showNotifications can now be chosen url specific
|
|
- new setting to ignore canvas with only few colors
|
|
|
|
fixes:
|
|
- page action was not always showing
|
|
- waiting for settings created error messages in browser console
|
|
- do not show notifications when canvas faking was aborted
|
|
|
|
Version 0.4.2
|
|
new features:
|
|
- added settings export and import
|
|
|
|
fixes:
|
|
- settings are sometimes not fast enough loaded
|
|
|
|
Version 0.4.1:
|
|
changes:
|
|
- improved design of the page action display
|
|
- Enabled Firefox ESR
|
|
- persistent random generator data is always stored in the settings but cleared on restart if the store flag is not set
|
|
- cleaned up the options page
|
|
|
|
new features:
|
|
- setting to set an interval to clear the persistent random generator data
|
|
- setting for the ask deny mode
|
|
- ask only once can now also combine the API-types
|
|
|
|
fixes:
|
|
- unnecessary check for context type in getImageData broke websites
|
|
- getContext was not asked in ask mode.
|
|
|
|
Version 0.4.0.2:
|
|
fixes:
|
|
- some web pages were still broken with specific settings (e.g. twitch.tv)
|
|
- webGl was not faked any more
|
|
|
|
Version 0.4.0.1:
|
|
fixes:
|
|
- some web pages are broken (e.g. twitch.tv)
|
|
|
|
Version 0.4.0:
|
|
changes:
|
|
- switched to webExtension
|
|
- notifications are now done via page action
|
|
- minimal and maximal fake size are now respected in all fakeable functions
|
|
- fake readout now fakes one pixel at once and no longer one single channel
|
|
- new icon (special thanks to Thorin-Oakenpants)
|
|
|
|
new features:
|
|
- information of all fake events in one tab are visible
|
|
- settings page now only shows settings that are useful within the given settings set
|
|
- new preferences:
|
|
* minimal fake size
|
|
* setting to enable the inspection of the content of the faked canvas
|
|
* new random number generator "constant"
|
|
* setting to not fake the most frequent colors in a canvas
|
|
* setting to enable canvas cache
|
|
* setting to hide expert settings
|
|
* setting to control if the alpha channel should be faked as well
|
|
|
|
fixes:
|
|
- ask mode did not work for input types
|
|
- allow page scripts to overwrite the faked functions
|
|
- getImageData also faked when using fakeInput mode
|
|
|
|
Version 0.3.8:
|
|
new features:
|
|
- added embedded WebExtension to store the preferences for the transition
|
|
|
|
fixes:
|
|
- prevented error when canvas has size zero
|
|
- frame script was not loaded in the first tab that was restored from the last session
|
|
- prevented error when wrong object is passed to the faked functions
|
|
|
|
Version 0.3.7:
|
|
new features:
|
|
- data for persistent random number generator can be stored
|
|
|
|
fixes:
|
|
- fake at input was broken
|
|
- did not work at all in Firefox 45.7.0 (ESR)
|
|
- disabled WebGL created error
|
|
- ask for permission was broken
|
|
|
|
Version 0.3.6:
|
|
changes:
|
|
- only last bit of image values are changes also in non persistent mode
|
|
- removed default entry in white list
|
|
|
|
fixes:
|
|
- faking webGL
|
|
- added readPixels for webGL2
|
|
- removed error message when notification can not be closed
|
|
- about:blank pages are treated with respect to the opening page
|
|
- removed memory leak
|
|
- persistent rnd same for all tabs/windows with e10s enabled
|
|
|
|
Version 0.3.5
|
|
new features:
|
|
- improved performance when canvas bigger than maxSize.
|
|
|
|
fixes:
|
|
- German translations
|
|
- Fennec stopped working in version 50
|
|
|
|
Version 0.3.4:
|
|
changes:
|
|
- different fake modes show independent notifications
|
|
|
|
fixes:
|
|
- bug in readPixels (prevented Google Street View to work)
|
|
- performance issues
|
|
- German translations
|
|
|
|
Version 0.3.3:
|
|
changes:
|
|
- switching of the mode, white- and black-listing only affects new loaded pages
|
|
|
|
new features:
|
|
- auto close of the notifications (preference)
|
|
- button to show the release notes
|
|
|
|
fixes:
|
|
- "about:"-tabs could not be dragged
|
|
- performance issues
|
|
|
|
Version 0.3.2:
|
|
new features:
|
|
- "fake at input" mode
|
|
- fake notifications only show up when something is faked
|
|
|
|
fixes:
|
|
- fake notifications did not show always when something was faked
|
|
- ECMA 2016 compliant
|
|
- function signature for faked functions could not be read
|
|
|
|
Version 0.3.1:
|
|
new features:
|
|
- added fennec support
|
|
- faster faking performance
|
|
- new preferences:
|
|
* disabling faking in getImageData for big canvas
|
|
* persistent random number supply
|
|
|
|
fixes:
|
|
- ask for permission failed on prototype
|
|
|
|
Version 0.3.0:
|
|
new features:
|
|
- e10s ready
|