Comments (7)
https://demos.traudt.xyz/css/media/index.html is a prettier PoC :) and I think sereneblue is right, that you can't spoof this
I deal with it by using uMatrix in extreme hard mode, i block all css except 1st party by default. Not many sites (for me) require 3rd party css (or if it is, it's one I can set globally such as wordpress)
from chameleon.
See also here: https://arthuredelstein.github.io/tordemos/media-query-fingerprint.html
It can read me screen size when spoofing is on.
from chameleon.
This is similar to these issues: #25 and #19.
I'll have to do some more research to see what's the best way to go about solving this.
from chameleon.
That's an interesting link but I'm not sure if it's possible to spoof media queries.
from chameleon.
Thanks for the input @Thorin-Oakenpants. I'm going to start working on the "Recommended Setup" page of the wiki and will be sure to mention that.
@danielcra Looks like uMatrix is your best bet.
@jahnson v0.8.0 fixes the spoofing issues.
from chameleon.
Thank you all for your helpful input & to @sereneblue for fixing the spoofing issues.
from chameleon.
@Thorin-Oakenpants good idea, although it might still be impossible to block those media when 1st party.
Therefore it might be a good idea to have script that parses those @media tags, remove any HTTP requests in them, or at least notify about them, clean them by modifying it if needed.
Does such script / webext exist ?
from chameleon.
Related Issues (20)
- TypeError: navigator.plugins is not iterable HOT 2
- Audio data = unique at https://amiunique.org HOT 2
- Twitter.com poll vote gets undo if Chameleon is enabled HOT 2
- Preferences got deleted when addon updated HOT 5
- Fingerprint Resisting Fail HOT 1
- Can we add feature of custom User Agent ? HOT 1
- Bing ai captcha problem HOT 2
- [Feature request] Periodically change timezone based on IP
- How to install in Google Chrome HOT 1
- Replace X-Forwarded-For/Via by Forwarded Standard HOT 1
- [Feature request] Referer options:For in-page resources (images, videos, js, css etc.), allow trimmed referer HOT 1
- Protect Window name interferes with basic javascript variables HOT 2
- Mouseover/hover hints in the popup menu HOT 3
- Whitelisting with default profile does not disable options HOT 4
- Can make gpu spoof HOT 1
- Chameleon vs Chameleon legacy[question] HOT 2
- TikTok.com not working properly HOT 3
- Out of Date Profiles HOT 1
- Hyperlink auditing? HOT 1
- Audio sounds weird on some websites HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from chameleon.