extension ExtPose

CanvasFingerprintBlock

CRX id

ipmjngkmngdcdpmgmiebdmfbkcecdndc-

Description from extension meta

Protect your privacy. Prevent webpages from tracking you by your browser's HTML canvas fingerprint.

Image from store CanvasFingerprintBlock
Description from store IMPORTANT: If the extension does not work on a specific site, please post the details in the SUPPORT section, as this will help me fix it. It is pointless to complain that it doesn’t work without posting the details. Thank you. RELEASES Version 1.5 (2016-Mar-06) • Updated script-injection technique so that it works also on pages with strict CSP. Version 1.4 (2016-Mar-05) • Extension was (unnecessarily) trying to patch functions in a cross-origin frame (like Hangouts frame in GMail, Disqus frame in several sites, etc.) from within the outer window. This was breaking the sites’ functionality; now this is avoided. Version 1.3 (2016-Feb-28) • Blocked iframe[@sandbox] canvas reads are now shown properly inside popup • More detailed information per blocking Version 1.2 (2016-Feb-27) • Now also blocks read attempts from canvas inside a sandboxed iframe element DETAILS Canvas Fingerprinting is one of latest technologies being adopted by websites to track visitors without using cookies. Such websites do this by painting an image on a hidden HTML <canvas> element and then taking a snapshot of it and posting the snapshot back to themselves. Because the exact pixel values in the drawn canvas can differ subtly from one set of hardware to another, these websites can use those differences to distinguish between visitors as well as to recognize specific visitors from one visit to the next. Which is what tracking cookies are normally used for, except that cookies may be disabled or deleted or avoided by browsing in Incognito mode, whereas to avoid Canvas Fingerprinting you need to use a tool like CanvasFingerprintBlock. The HTML <canvas> element exposes two types of JavaScript functions: functions to draw to the canvas, and functions to export data from the canvas (for the nerds, these are toDataURL() and getImageData()). The canvas-drawing functions are not affected by CanvasFingerprintBlock, so websites that use the canvas for basic drawing will not be affected. On the other hand, when a website tries to export data from the canvas, CanvasFingerprintBlock will “fool” the website by showing it a blank canvas instead of the canvas containing the actual pixels. If the website is reading the canvas data to generate a fingerprint, the generated fingerprint will be useless because CanvasFingerprintBlock makes everyone’s fingerprint look the same. If a little red fingerprint icon appears in the address bar beside the Bookmark ☆ icon, it means that the website you are visiting has tried to access the data of at least one canvas, and CanvasFingerprintBlock has blocked it. You will be surprised to discover how many websites employ Canvas Fingerprinting! Most websites are quite sneaky in how they create the fingerprint; the canvas is always hidden, and usually the canvas would have already been created, read and removed by the time the website has finished loading! Of course you will be curious to inspect what was being drawn right under your nose, and CanvasFingerprintBlock will let you see it by clicking on the little red fingerprint icon. Lastly, it is noteworthy to mention that not all websites that are trying to export data from a canvas are doing it maliciously. For example, some photo uploaders will let you edit your photo on a canvas and when you are ready will export the edited photo and upload it to the server. Or some other websites will use a “rough” canvas to draw a gradient or pattern, and will then export the canvas to use that pattern somewhere else on the page. When you see the little red fingerprint icon, by clicking on it it is usually easy to tell whether the blocked canvas was drawn for fingerprinting purposes or not. However it is not so simple to detect this automatically. So for the time being, CanvasFingerprintBlock will block all canvas data exports, and the only way of allowing a canvas read is to disable the extension temporarily. This will be fixed in a future update of CanvasFingerprintBlock. You may test CanvasFingerprintBlock on this website: http://www.browserleaks.com/canvas Note: If you are a user of Chrome’s Incognito mode, then to be fully protected it is advisable to enable the CanvasFingerprintBlock extension also in Incognito mode (check “Allow in Incognito”).

Latest reviews

  • (2020-11-15) Jason Close: It blocks Excel for Office365 workbooks from running in Chrome and there is no toggle to disable for specific sites, so guess I'll just delete the extension
  • (2020-11-05) M: Doesn't work on https://fingerprintjs.com/demo
  • (2020-03-05) Cser Soft: This extension will cause canvas.toDataURL to not work properly and return transparent png !!!
  • (2019-01-28) Leon: works great
  • (2018-06-05) ​ポール: Works great. The only thing it could use is a randomize feature. Randomization would break a lot of tracking, where as blocking just means they have a little bit less data to identify you with.
  • (2018-04-08) peressere chinonèbianco: CanvasFingerprintBlock consistently breaks the browserleaks.com/canvas site and crashes my 66.0.3359.81 beta Chrome browser at the same time.
  • (2018-03-17) victor gabriel: i can't remove it from my chrome
  • (2018-02-23) Rhomis Rhemis: It causes Google homepage not to work when clicking on their animated logos. (No white list). I have no clue if this thing works and have to way to test it.
  • (2018-01-01) Сергей Братуха: Google Chrome 63 не меняет Canvas. Плохо.
  • (2017-10-19) Skyline Plaza FC VA US: Make NO DIFFERENCE at https://panopticlick.eff.org/results?&t=111&dnt=111#fingerprintTable
  • (2017-06-10) Marcus Bauer: Fingerprint does not change and provides 7 bits of identifying info Bad. Uninstall.
  • (2017-06-07) Lars Bo Wassini: It is not possible to disable on specific sites that shows images I want to see. Missing the white-list option!
  • (2017-05-24) Just received this result after installing: Your browser fingerprint appears to be unique among the 308,797 tested so far. Currently, we estimate that your browser has a fingerprint that conveys at least 18.24 bits of identifying information.
  • (2017-02-13) AndrewNewAge: Not work
  • (2017-01-11) trytip x.: works ok but gives the SAME fingerprint to all users with this extension, on top of that some site now will have a blank page while using this canvasfingerprint block. it would be better if it faked a new fingerprint every page refresh. i guess being in a swarm with the same fingerprint does minimize your individual detection
  • (2016-11-03) Norman Glenk: Geht nicht mehr
  • (2016-09-06) S SC: Geht nicht. Finger weg davon!
  • (2016-06-28) John Arnold: Works well, seems to block canvas fingerprint attempts. Now all wee need is a few 10's of thousands more users so we are more unique. Right now this blocking tool can also be used as a unique identifier.
  • (2016-04-06) mark well: does not work on this page: https://panopticlick.eff.org/results?&a=111&t=111&dnt=111
  • (2016-03-30) Jeff Ober: This is an awesome extension and works very well but it *really* needs to be able to white-list by domain, preferably with an option to do so for the current session only.
  • (2016-03-28) Сергей Юрьев: Doesn`t work. panopticlick.eff.org shows my canvas fingerprint ID.
  • (2016-03-11) Florian Schneider: Funktioniert nicht
  • (2016-03-03) Matthew Marchetti: Can't whitelist certain sites.
  • (2016-03-03) Pavel Ondrejek: Updated, newer version works well. Thanks ***** doesnt work in chrome http://www.browserleaks.com/canvas
  • (2016-03-01) Online Citizen: Excellent extension. It does work fine on this website too http://www.browserleaks.com/canvas
  • (2016-02-29) Roger That: False positives, doesn't work on true positives.
  • (2016-02-12) Rolando Garza: It doesn't seem to work on the browserleaks page.
  • (2015-11-20) Morris Sasser: Doesn't seem to work again http://www.browserleaks.com/canvas

Latest issues

  • (2021-10-25, v:1.5) Rob Taylor-Ailes: Google Maps and Extension
    I have recently started having problems with Google Maps and CanvasFingerprintBlock as the place name data is all being detected by the blocker, meaning I can't actually see what places are where. Street names are fine, town names and similar are not. Not sure if this is you detecting incorrectly or Google being stupid and fingerprinting all the names.
  • (2020-11-15, v:1.5) Han Su: Interested in Cooperation
    We are a team working on privacy-preserving products and personal cloud computing, and we are interested in your extension and want to cooperate! Contact [email protected]
  • (2020-02-23, v:1.5) Euro Segway: Keep the same fingerprint value for a session please
    Hi there, First thanks for the perfect fingerprint plugins. Just wonder why you did not add an option to keep the fake fingerprints values for a whole browser session for exact website or even for one container for several tabs? It would be much useful and website will not feel the fake values Kind regards, Vladimir
  • (2019-02-02, v:1.5) doesnt work for HP computer
    doesnt work for HP computer
  • (2018-12-05, v:1.5) Mark Moriarty: To reiterate some other comments: can I whitelist certain domains?
    I do not want this to run on web.whatsapp.com or balsamiq.cloud
  • (2018-10-02, v:1.5) SamsonJasper: Web WhatsApp QR code
    Thanks for a great product. However on web.whatsapp QR code canvas is blocked. Please allow disable per site!
  • (2018-07-09, v:1.5) Can I whitelist certain exception domains?
    Hi there, You know the way you can have an add-blocker extension, but disable it for certain domains? e.g., "block ads on all sites except on bbc.co.uk"? Can I do something similar for this? I'd like to disable this extention for a few domains (like web.whatsapp.com, where I need to scan the QR code blocked by this extension). Otherwise I love your extension and I want it to be active on all other websites. Thanks. Mark (Reply via Twitter DM @MbyM)
  • (2018-04-08, v:1.5) peressere chinonèbianco: Consistently .. ⤵
    CanvasFingerprintBlock consistently breaks the browserleaks.com/canvas site and crashes my 66.0.3359.81 beta Chrome browser at the same time.
  • (2018-03-26, v:1.5) Should provide a override
    so that certain sites can be temporary allowed to render a canvas. Fritz!Box uses a canvas to render a QR code for guest WIFI access.
  • (2018-02-16, v:1.5) It wont inspect
    When I highlight something then hit right click on my mouse and that little white box where it says "print" ect. The Canvas Fingerprint doesn't pop up
  • (2017-12-30, v:1.5) Monk Livelong: Google photos panorama photos blocked
    When clicking the little curved arrow in the middle of a panorama photos the image should show a movable image. CanvasFingerprontBlock blocks this.
  • (2017-07-19, v:1.5) Dirk Zittersteyn: Causing issues on sign-in on HackerOne.com
    on https://hackerone.com/users/sign_in, this extension is causing an `Uncaught TypeError: Illegal invocation` when trying to sign in, and kills the sign in flow. Full stack trace: ``` vendor.0caefef2afde85c07d56.js:70 Uncaught TypeError: Illegal invocation at g (<anonymous>:1:463) at HTMLCanvasElement.c (<anonymous>:1:324) at HTMLCanvasElement.e.toDataURL (<anonymous>:1:1110) at t.getWebglFp (vendor.0caefef2afde85c07d56.js:48) at t.webglKey (vendor.0caefef2afde85c07d56.js:48) at t.get (vendor.0caefef2afde85c07d56.js:48) at Object.handleSubmit (frontend.9f2ab6d5c8510a5334e9.js:1) at Object.r (vendor.0caefef2afde85c07d56.js:84) at a (vendor.0caefef2afde85c07d56.js:48) at Object.s [as executeDispatchesInOrder] (vendor.0caefef2afde85c07d56.js:48) at p (vendor.0caefef2afde85c07d56.js:84) at g (vendor.0caefef2afde85c07d56.js:84) at Array.forEach (<anonymous>) at r (vendor.0caefef2afde85c07d56.js:48) at Object.processEventQueue (vendor.0caefef2afde85c07d56.js:84) at r (vendor.0caefef2afde85c07d56.js:48) at Object.handleTopLevel [as _handleTopLevel] (vendor.0caefef2afde85c07d56.js:48) at o (vendor.0caefef2afde85c07d56.js:11) at r.perform (vendor.0caefef2afde85c07d56.js:11) at Object.batchedUpdates (vendor.0caefef2afde85c07d56.js:1) at Object.o [as batchedUpdates] (vendor.0caefef2afde85c07d56.js:84) at dispatchEvent (vendor.0caefef2afde85c07d56.js:11) at HTMLFormElement.r (vendor.0caefef2afde85c07d56.js:70) ```
  • (2017-02-27, v:1.5) Kibana tag cloud
    When visualising data with a tag cloud in Kibana (the Elasticsearch front end) the rendered SVG rapidly animates all but one of the tags offscreen. Another vote for per-site whitelisting!

Statistics

Installs
10,000 history
Category
Rating
3.3 (60 votes)
Last update / version
2016-03-06 / 1.5
Listing languages

Links