1
0
mirror of https://github.com/kkapsner/CanvasBlocker synced 2024-12-22 12:50:36 +01:00
CanvasBlocker/releaseNotes.txt
2021-06-21 23:28:36 +02:00

22 KiB

Version 1.7: changes: -

new features:
	- 

fixes:
	- 

known issues:
	- if a data URL is blocked the page action button does not appear

Version 1.6.1: fixes: - Google login and account creation did not work

known issues:
	- if a data URL is blocked the page action button does not appear

Version 1.6: changes: - periodical persistent rnd clearing does not clear in active tabs - added paypal.com to the convenience preset - improved whitelist inspection - use proxy to hide changed functions - whitelisting now uses "allowEverything" instead of "allow"

new features:
	- try to not break tabs when updating
	- setting to postpone updates until browser restart or extension is reloaded
	- added status button in browser action to see and set the whitelist status
	- if the current block mode is set to blocking you can chose between faking and allowing if you whitelist an URL

fixes:
	- fix message canvasBlocker-unload
	- convenience preset did not work properly
	- random supply was not set properly on a fresh new tab

known issues:
	- if a data URL is blocked the page action button does not appear

Version 1.5: new features: - added {empty}, {false} and {undefined} to webGL preference parameters (i.e. VENDOR, RENDERER, UNMASKED_VENDOR_WEBGL and UNMASKED_RENDERER_WEBGL) - added {disabled} to UNMASKED_VENDOR_WEBGL and UNMASKED_RENDERER_WEBGL to disabled the WEBGL_debug_renderer_info extension - improved performance for protected canvas part "input"

fixes:
	- protection of DOM manipulations on unloaded windows may break websites

known issues:
	- if a data URL is blocked the page action button does not appear

Version 1.4: changes: - updated DOMRect protection

new features:
	- new translations

fixes:
	- Fix stuck Fenix

known issues:
	- if a data URL is blocked the page action button does not appear

Version 1.3: changes: - added canvas cache to isPointInPath and isPointInStroke

new features:
	- added link to FAQ
	- added offscreen canvas protection
	- new translations

known issues:
	- if a data URL is blocked the page action button does not appear

Version 1.2: changes: - removed unnecessary activeTab permission - always open options page in new tab

new features:
	- added warning if some features of a API are disabled
	- added TextMetrics protection

known issues:
	- if a data URL is blocked the page action button does not appear

Version 1.1: new features: - added notice for privacy.resistFingerprinting - added container specific navigator settings

fixes:
	- error when exporting function with name "top"
	- tabs opened with window.open broke when the parent tab was reloaded/closed
	- importing settings file with an very old storage version did not work at all

known issues:
	- if a data URL is blocked the page action button does not appear

Version 1.0: changes: - improved storage of protected API features - code cleanup - added mail.google.com to the convenience preset - added reCAPTCHA preset - the reCAPTCHA whitelisting entry is changed to "allow window.name in frames"

new features:
	- added screen protection
	- added default values for mobile

fixes:
	- background color of the textarea in the settings export was not readable in the dark theme when the value was invalid
	- settings sanitation: added missing APIs
	- navigator.oscpu and navigator.buildID are undefined in non Gecko browsers
	- resetting the settings had undesired side effects
	- added window.open protection
	- cross origin DOM manipulations
	- window.name protection was detectable
	- importing settings file with an older storage version did not work properly
	- fields hosted on braintree not working when window API was protected

known issues:
	- if a data URL is blocked the page action button does not appear

Version 0.5.14: changes: - reevaluated logging message levels

new features:
	- remove iframe protection from whitelisted pages
	- added protection for getParameter (webGL)

fixes:
	- improved option pages on mobile

known issues:
	- if a data URL is blocked the page action button does not appear

Version 0.5.13: new features: - added setting presets

fixes:
	- display of url specific settings did not work properly

known issues:
	- if a data URL is blocked the page action button does not appear

Version 0.5.12: changes: - rearranged some settings

new features:
	- enabled whitelisting of local files
	- added tabs in options page

fixes:
	- detect when browser.contextualIdentities.onRemoved is not supported

known issues:
	- if a data URL is blocked the page action button does not appear

Version 0.5.11: new features: - added auto update for beta versions - options: made sections collapsible - clear persistent rng data if a container is deleted - added tool to clear persistent rng for a specific container

fixes:
	- improved protection of (i)frame properties
	- document.write and document.writeln protection broke pages
	- race condition causes persistent rnd separation between containers to leak

known issues:
	- if a data URL is blocked the page action button does not appear

Version 0.5.10: changes: - min version is now 57 to remove the amount of warnings on submission

new features:
	- added date and time to the settings export file
	- persistent rng is no longer shared between containers (different cookieStoreId)

fixes:
	- setter for innerHTML broke pages
	- protection for document.write and document.writeln broke in Firefox 69
	- not connected iFrame threw error with persistent rng
	- detection over document.write and document.writeln was possible
	- google docs were broken in Waterfox
	- MutationObserver failed in some instances
	- server-site navigator protection did not respect whitelisting
	- confirm messages were broken in Firefox 67

known issues:
	- if a data URL is blocked the page action button does not appear

Version 0.5.9: changes: - code cleanup - made history length threshold url specific - made navigator protection url specific - uniform themes - simplified the "display hidden settings" UI

new features:
	- added protection for navigator properties
	- added support to import older storage versions
	- protection for data URLs can now be url specific
	- changed input of lists to textarea
	- added option to protect no part of the canvas API
	- apply themes to all extension pages (options, page action, browser action, setting sanitation, setting inspection, navigator settings)
	- theme for automatic detection of dark mode (only works with Firefox >= 67)
	- within the page action the used API can be whitelisted alone
	- added overview page for whitelist

fixes:
	- search could show hidden settings
	- faking audio did not work with white random generator
	- enabled copying from settings description when they are "hidden"
	- fixed description for "show notifications"
	- improved DOMRect performance
	- improved general performance when stack list is disabled
	- preventing double interception (increased performance and reduced detectability)
	- detection over navigator and DOMRect getters was possible
	- audio cache could break readout
	- improved iFrame protection
	- SOP detection did not work all the time

known issues:
	- if a data URL is blocked the page action button does not appear

Version 0.5.8: changes: - audio faking will not alter buffers with only zero values

new features:
	- added combined cache for getChannelData and copyFromChannel:
		- better performance
		- prevent double faking => prevent detection

fixes:
	- after reset the hidden settings and expanded views were not reset
	- audio cache did not work properly

known issues:
	- if a data URL is blocked the page action button does not appear

Version 0.5.7: changes: - reset settings no longer only available in expert mode

fixes:
	- protection for history length did not work

known issues:
	- if a data URL is blocked the page action button does not appear

Version 0.5.6: changes: - removed *Readout and *Input block modes (use protectedCanvasPart instead)

new features:
	- options gui improvements
		- url specific values can be added by hitting enter in the input
		- highlight "hide" icon when "tabbing" to it
		- made url specific values manageable with "tabbing"
	- added setting "protected canvas part" to decouple block mode from part
	- added "share persistent randomness between domains"

fixes:
	- constant rng did not work properly when protecting input
	- some display inconsistencies
	- optional parameter on isPointInPath and isPointInStroke were broken

known issues:
	- if a data URL is blocked the page action button does not appear

Version 0.5.5: changes: - DOMRect uses double cache (value and complete DOMRect)

new features:
	- added settings sanitation page
	- added search field to browser action popup

fixes:
	- Google images did not work for some users
	- page action was not showing on Firefox Android
	- wrong content script does no longer trigger the settings load forcing

known issues:
	- if a data URL is blocked the page action button does not appear

Version 0.5.4: changes: - converted "API whitelist" to "protected API features" (automatic settings migration) - notification details are not stored by default - settings page reorganized - audio API notifies on every call - made audio cache url specific

new features:
	- added save/load directly to/from file option
	- added protection for DOMRect (getClientRects)
	- added setting to control if notification details should be stored
	- state of the arrow for url specific values is saved
	- browser action icon gets grayed out if the page is whitelisted
	- added search to options page

fixes:
	- window and audio API were always blocked when using any of the "block ..." modes
	- canvas content was not stored to be displayed when wanted
	- hovering over toolbar icon created error in the browser console
	- canvas content was not shown in ask mode any more

known issues:
	- if a data URL is blocked the page action button does not appear

Version 0.5.3: changes: - removed active support for Firefox < 60 - maximal 250 notifications per domain and type will be rendered

new features:
	- display version in options page
	- added link to open options page in separate tab
	- added option "Don't show again on update." for options page
	- added option to highlight page action icon
	- added option to control browser action icon on notifications
	- added theme for browser and page action popup
	- added badge
	- added option to ignore APIs
	- added protection for history length
	- added protection for window name and opener

fixes:
	- CSP did not work properly for worker-src
	- detection if the options page was displayed in a separate tab did not work reliably
	- popup text not readable in some dark themes
	- display conditions for notification settings
	- page action not useable with a lot of notifications
	- blocking of blob-worker broke some pages

known issues:
	- if a data URL is blocked the page action button does not appear

Version 0.5.2b: known issues: - force setting loadings may result in non working plugins or not opening direct image links. Use 0.5.2a instead or use Firefox >= 59 which provides the required API to solve this issue once and for all

changes:
	- if settings are not loaded fast enough the loading is forced

Version 0.5.2a: known issues: - due to API blocking some web pages may break. Use 0.5.2b instead.

changes:
	- if settings are not loaded fast enough the loading is not forced but all APIs are blocked

Version 0.5.2: new features: - separate persistent random numbers for incognito windows (resets when closing all incognito windows - like cookies do) - added toolbar icon

fixes:
	- optimized CSP
	- in Firefox ESR (52) iFrames with a blob-URL cannot be protected -> they have to be blocked there as well
	- broken when using with Random Agent Spoofer

known issues:
	- if a data URL is blocked the page action button does not appear

Version 0.5.1.1b: known issues: - force setting loadings may result in non working plugins or not opening direct image links. Use 0.5.1.1a instead or use Firefox >= 59 which provides the required API to solve this issue once and for all

changes:
	- if settings are not loaded fast enough the loading is forced

Version 0.5.1.1a: known issues: - due to API blocking some web pages may break. Use 0.5.1.1b instead.

changes:
	- if settings are not loaded fast enough the loading is not forced but all APIs are blocked

Version 0.5.1.1: fixes: - blocking blob: scheme broke some pages unnecessarily

Version 0.5.1b: known issues: - force setting loadings may result in non working plugins or not opening direct image links. Use 0.5.1a instead or use Firefox >= 59 which provides the required API to solve this issue once and for all

changes:
	- if settings are not loaded fast enough the loading is forced

Version 0.5.1a: known issues: - due to API blocking some web pages may break. Use 0.5.1b instead.

changes:
	- if settings are not loaded fast enough the loading is not forced but all APIs are blocked

Version 0.5.1: changes: - instead of blocking requests from data URLs they are blocked themselves

new features:
	- new setting: session white list that is cleared on addon load (= browser start)

fixes:
	- Changes made in the page action were not saved in all Firefox versions
	- Blocking requests data URLs blocked too much

known issues:
	- if a data URL is blocked the page action button does not appear

Version 0.5.0.1b: known issues: - force setting loadings may result in non working plugins or not opening direct image links. Use 0.5.0a instead or use Firefox >= 59 which provides the required API to solve this issue once and for all

changes:
	- if settings are not loaded fast enough the loading is forced

Version 0.5.0a: known issues: - due to API blocking some web pages may break. Use 0.5.0.1b instead.

changes:
	- if settings are not loaded fast enough the loading is not forced but all APIs are blocked

Version 0.5.0: changes: - Changes in the random supply API - Added grouping to API white list - Show page action when API is blocked

new features:
	- Can protect Audio API
	- Settings can be hidden

fixes:
	- make function replacements not detectable
	- "protect" data URL pages by blocking all requests from them

removed fixes:
	- display of about:blank broken in Waterfox
	  reason: it should help protect data URL pages in the future

known issues:
	- if a data URL request is blocked the page action button appears but shows no content

Version 0.4.5c: new features: - Added setting to whitelist parts of the canvas API

fixes:
	- respect resistFingerPrinting setting in isPointInPath and isPointInStroke

Version 0.4.5b: known issues: - force setting loadings may result in non working plugins or not opening direct image links. Use 0.4.4a instead or use Firefox >= 59 which provides the required API to solve this issue once and for all

changes:
	- if settings are not loaded fast enough the loading is forced

Version 0.4.5a: known issues: - due to API blocking some web pages may break. Use 0.4.5b instead.

changes:
	- if settings are not loaded fast enough the loading is not forced but all APIs are blocked

Version 0.4.5: changes: - added isPointInPath and isPointInStroke to the readout-API list

new features:
	- Options page can be opened from page action
	- Added way to inspect canvas content in ask mode while being asked
	- Open options page on install or update if the options page cannot be accessed in another way
	- Added sections in options

fixes:
	- long clearing periods did not work
	- prevent possible double faking
	- asking did not work in some cases (auto deny)

Version 0.4.4b: known issues: - force setting loadings may result in non working plugins or not opening direct image links. Use 0.4.4a instead or wait for Firefox 59 which provides the required API to solve this issue once and for all

changes:
	- if settings are not loaded fast enough the loading is forced

Version 0.4.4a: known issues: - due to API blocking some web pages may break. Use 0.4.4 instead.

changes:
	- if settings are not loaded fast enough the loading is not forced but all APIs are blocked

Version 0.4.4: known issues: - force setting loadings may result in non working plugins or not opening direct image links. Use 0.4.3a instead or wait for Firefox 59 which provides the required API to solve this issue once and for all

changes:
	- show white, black and ignore list again, but only in expert mode

fixes:
	- Firefox consumed 100% CPU and could not be closed
	- Unknown setting breaks Firefox completely

Version 0.4.3c: known issues: - force setting loadings may result in non working plugins or not opening direct image links. Use 0.4.3a instead or wait for Firefox 59 which provides the required API to solve this issue once and for all

fixes:
	- display of about:blank broken in Waterfox
	- pinned tabs were not loaded and JS not executed in some cases

Version 0.4.3b: known issues: - force setting loadings may result in non working plugins or not opening direct image links. Use 0.4.3a instead or wait for Firefox 59 which provides the required API to solve this issue once and for all

changes:
	- if settings are not loaded fast enough the loading is forced

Version 0.4.3a: known issues: - due to API blocking some web pages may break. Use 0.4.3b instead.

changes:
	- hide white, black and ignore list as they can be done with the url specific settings. They are still present and working in the background.
	- if settings are not loaded fast enough the loading is not forced but all APIs are blocked

new features:
	- reset settings
	- new white random generator - creates output similar to Tor browser
	- blockMode and showNotifications can now be chosen url specific
	- new setting to ignore canvas with only few colors

fixes:
	- page action was not always showing
	- waiting for settings created error messages in browser console
	- do not show notifications when canvas faking was aborted

Version 0.4.2 new features: - added settings export and import

fixes:
	- settings are sometimes not fast enough loaded

Version 0.4.1: changes: - improved design of the page action display - Enabled Firefox ESR - persistent random generator data is always stored in the settings but cleared on restart if the store flag is not set - cleaned up the options page

new features:
	- setting to set an interval to clear the persistent random generator data
	- setting for the ask deny mode
	- ask only once can now also combine the API-types

fixes:
	- unnecessary check for context type in getImageData broke websites
	- getContext was not asked in ask mode.

Version 0.4.0.2: fixes: - some web pages were still broken with specific settings (e.g. twitch.tv) - webGl was not faked any more

Version 0.4.0.1: fixes: - some web pages are broken (e.g. twitch.tv)

Version 0.4.0: changes: - switched to webExtension - notifications are now done via page action - minimal and maximal fake size are now respected in all fakeable functions - fake readout now fakes one pixel at once and no longer one single channel - new icon (special thanks to Thorin-Oakenpants)

new features:
	- information of all fake events in one tab are visible
	- settings page now only shows settings that are useful within the given settings set
	- new preferences:
		* minimal fake size
		* setting to enable the inspection of the content of the faked canvas
		* new random number generator "constant"
		* setting to not fake the most frequent colors in a canvas
		* setting to enable canvas cache
		* setting to hide expert settings
		* setting to control if the alpha channel should be faked as well

fixes:
	- ask mode did not work for input types
	- allow page scripts to overwrite the faked functions
	- getImageData also faked when using fakeInput mode

Version 0.3.8: new features: - added embedded WebExtension to store the preferences for the transition

fixes:
	- prevented error when canvas has size zero
	- frame script was not loaded in the first tab that was restored from the last session
	- prevented error when wrong object is passed to the faked functions

Version 0.3.7: new features: - data for persistent random number generator can be stored

fixes:
	- fake at input was broken
	- did not work at all in Firefox 45.7.0 (ESR)
	- disabled WebGL created error
	- ask for permission was broken

Version 0.3.6: changes: - only last bit of image values are changes also in non persistent mode - removed default entry in white list

fixes:
	- faking webGL
	- added readPixels for webGL2
	- removed error message when notification can not be closed
	- about:blank pages are treated with respect to the opening page
	- removed memory leak
	- persistent rnd same for all tabs/windows with e10s enabled

Version 0.3.5 new features: - improved performance when canvas bigger than maxSize.

fixes:
	- German translations
	- Fennec stopped working in version 50

Version 0.3.4: changes: - different fake modes show independent notifications

fixes:
	- bug in readPixels (prevented Google Street View to work)
	- performance issues
	- German translations

Version 0.3.3: changes: - switching of the mode, white- and black-listing only affects new loaded pages

new features:
	- auto close of the notifications (preference)
	- button to show the release notes

fixes:
	- "about:"-tabs could not be dragged
	- performance issues

Version 0.3.2: new features: - "fake at input" mode - fake notifications only show up when something is faked

fixes:
	- fake notifications did not show always when something was faked
	- ECMA 2016 compliant
	- function signature for faked functions could not be read

Version 0.3.1: new features: - added fennec support - faster faking performance - new preferences: * disabling faking in getImageData for big canvas * persistent random number supply

fixes:
	- ask for permission failed on prototype

Version 0.3.0: new features: - e10s ready