Showing content from https://github.com/ghacksuserjs/ghacks-user.js/issues/7 below:
privacy.resistFingerprinting Β· Issue #7 Β· arkenfox/user.js Β· GitHub
Skip to content Navigation Menu
Saved searches Use saved searches to filter your results more quickly
Sign up You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session. Dismiss alert Additional navigation options
meta: tor uplift: privacy.resistFingerprinting #7
Description
Locked sticky issue for tracking privacy.resistFingerprinting
Last updated: see changelog at foot (regularly cleaned out)
RESOLVED & ADDED TO USER.JS if applicable
π» FF41
- 418986 enable privacy.resistFingerprinting (limit window.screen & CSS media etc)
// user_pref("privacy.resistFingerprinting", true);
π» FF50
- 1281949 spoof screen orientation
- 1281963 hide the contents of navigator.plugins and navigator.mimeTypes
- FF53: 1324044 fixes GetSupportedNames in nsMimeTypeArray and nsPluginArray
π» FF55
- 1330890 spoof timezone as UTC 0
- FF58: 818634 deprecates Date.toLocaleFormat
- FF60: 1409973 fixes Date.toLocaleDateString and Intl.DateTimeFormat
- 1330882 new window sizes to round to hundreds & override prefs
// user_pref("privacy.window.maxInnerWidth", 1600);
// user_pref("privacy.window.maxInnerHeight", 900);
- 1360039 spoof navigator.hardwareConcurrency as 2
- 1217238 reduce precision of time exposed by javascript
π» FF56
- 1369303 spoof/disable performance API
- 1333651 & 1383495 & 1396468 spoof navigator API
- FF57: 1393283 spoof as ESR instead of 10s
- FF59: 1415488 UA leaks over HTTP CONNECT method - fixed as a result of 1419771
- FF59: 1404608 do not lie about OS (limit to Windows, OSX, Android, or Linux)
- FF59: 1418672 due to ESR being out of whack and Aurora/Nightly sometimes being ahead of ESR releases, the value is now temporally hardcoded to 52
- FF60: 1418162 ESR algorithm fixed for 60+7's
- FF63: 1472618 navigator.platform returns "Win32" (but JS UA still shows 64bit)
- FF66: 1509829 upstream Tor 26146 reduce UA HTTP headers to two OSes (Windows, Android)
- FF67: 1511763 ESR cadence fixed to 60+8's
- FF68: 1511434 UA Spoof -> Windows 10, OS 10.14, Android 8.1
- FF78: 1599188 version algorithm hardcoded in 78+ to cadence 13
- FF78: 1635011 UA Spoof -> OS 10.15, Android 9.0
- 1369319 disable device sensors
- 1369357 disable site specific zoom
- 1337161 hide gamepads from content
- 1372072 spoof network information API as "unknown"
- 1372069 block geolocation requests
- FF63: 1441295 reverted: RFP no longer blocks geo
- 1333641 disable WebSpeech API
π» FF57
- 1369309 spoof media statistics
- 1382499 reduce screen co-ordinate fingerprinting in Touch API
- 1217290 enable fingerprinting resistance for WebGL
- 1382545 reduce fingerprinting in Animation API
- 1354633 limit MediaError.message to a whitelist
- 1382533 enable fingerprinting resistance for Presentation API
- 1384330 disable mozAddonManager Web API
// user_pref("privacy.resistFingerprinting.block_mozAddonManager", true);
π» FF58
- 967895 prompt (site permission) before allowing canvas data extraction
- FF59: 1413780 when RFP=true include canvas in site permissions panel
- FF59: 1376865 reduce canvas prompt fatigue by only prompting when user initiated (controlled by a temp pref
privacy.resistFingerprinting.autoDeclineNoUserInputCanvasPrompts )
- FF61: 1412961 RFP breaks extensions using canvas eg Screenshots:
-
until then, you can open about:debugging>Add-ons, click the extension's manifest.url and on that page, right click >View Page Info>Permissions and set a canvas exception
- FF62: 1453916 Fixes more extension + canvas issues
- 1397611 extensions can control
privacy.resistFingerprinting
- 1424341 FYI ONLY: Timing: not added to user.js: RFP timing & timer precision
// privacy.reduceTimerPrecision
// privacy.resistFingerprinting.reduceTimerPrecision.microseconds
π» FF59
- 1372073 spoof/block fingerprinting in MediaDevices API
- 1039069 warn when language prefs are set to non en-US
privacy.spoof_english (pref is used internally AFAICT, we should not meddle with it)- at this stage the pref has not been added to the user.js, but the bugzilla has
- 1222285 spoof keyboard events and suppress keyboard modifier events
π» FF60
- 1337157 disable WebGL debug renderer info (see
2011)
- 1425462 FYI ONLY: Timing: not added to user.js: RFP timing precision jitter
// privacy.resistFingerprinting.reduceTimerPrecision.jitter
π» FF62
- 1459089 [Firefox for Android] HTTP Accept-Language header no longer leaks OS locale
π» FF63
- 1479239 return
no-preference with prefers-reduced-motion
π» FF64
- 1363508 spoof/suppress Pointer Events
π» FF65
π» FF67
- 1485266 enforce
ui.use_standins_for_native_colors=true (2618)
- 1407366 RFP letterboxing
// user_pref("privacy.resistFingerprinting.letterboxing", true);
// user_pref("privacy.resistFingerprinting.letterboxing.dimensions", "");
- 1485264 FYI: remove
dom.event.highrestimestamp.enabled
- 1494034 enforce
light with prefers-color-scheme - see MDN for this standard added in FF67
π» FF68
- 1492587 possible date picker locale leak fix
π» FF70
π» FF72
- 1595823 spoof audioContext sampleRate
π» FF74
- 1607316 spoof pointer as coarse and hover as none on android
π» FF78
- 1621433 randomize canvas
- note: as of writing,
isPointInPath and isPointInStroke still use the white-canvas
π» FF80
- 1653987 font visibility is restricted to
BaseFonts (non Android)
- click here
- the lists are hardcoded lists with two parts
kBaseFonts and kLangPackFonts
- note: this is the same as setting
layout.css.font-visibility.level = 1
π» FF82
- 1461454 spoof smooth=true and powerEfficient=false for Supported Media in MediaCapabilities
CHANGELOG
2020
- May 6: cleaned out changelog
- May 6: 1635011 (rfp os spoof changes) β FF78+ (under FF56 section)
- May 15: added entries for FF74 and FF78
- Jul 29: 1653987 (font visibility) β FF80+
- Nov 11: 1461454 (mediaCapabilities) β FF82+
- Dec 26: removed followups, pending, and invalid/wontfix sections since I'm not maintaining them and they're out of date
...
You canβt perform that action at this time.
RetroSearch is an open source project built by @garambo
| Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.3