扩展简介
Prevent HTML canvas element from generating a unique identification key to protect user's privacy/r/nThis extension protects user privacy by prevents the HTML canvas element from being used by malicious scripts for fingerprinting the user. This extension adds a slight noise to the data generated by the canvas element when certain methods are being called. This way the canvas element cannot be used for fingerprinting purposes. Compared to other similar extensions, this one is lighter and uses a more effective method to block fingerprinting from all frame elements (top and subframes). The extension supports three modes of operation:
1. Random noise
2. Random noise (per session) (to have a fixed identity for current page session)
3. Fixed noise (to have a fixed but unique identity all the time)
Features:
1. Fingerprint defender with as minimum footprint as possible
2. Block or disable fingerprint on certain hostnames
3. Notify when the canvas fingerprint is detected
4. Disable notification for a few hostnames or for all hostnames.
5. Works on cross-origin (CORS) and sandboxed iframes (like Disqus and Hangouts)
Notes:
1. There is no on and off button as the extension is not meant to be disabled. If there is a use case of the on and off button please report on the FAQs page (review section)
2. This extension does not block the canvas element entirely. It only modifies two methods to prevent the JavaScript engine from generating a unique identification key from this element.
What is Canvas Fingerprinting:
Canvas fingerprinting is one of a number of browser fingerprinting techniques for tracking online users that allow websites to identify and track visitors using the HTML5 canvas element instead of browser cookies or other similar means. Canvas fingerprinting works by exploiting the HTML5 canvas element. When a user visits a page, the fingerprinting script first draws text with the font and size of its choice and adds background colors. Next, the script calls Canvas API?s ToDataURL method to get the canvas pixel data in dataURL format, which is basically a Base64 encoded representation of the binary pixel data. Finally, the script takes the hash of the text-encoded pixel data, which serves as the fingerprint.
发表评论