Screen Size Spoofing does not work [correctly] about chameleon HOT 7 CLOSED

https://demos.traudt.xyz/css/media/index.html is a prettier PoC :) and I think sereneblue is right, that you can't spoof this

I deal with it by using uMatrix in extreme hard mode, i block all css except 1st party by default. Not many sites (for me) require 3rd party css (or if it is, it's one I can set globally such as wordpress)

from chameleon.

See also here: https://arthuredelstein.github.io/tordemos/media-query-fingerprint.html
It can read me screen size when spoofing is on.

from chameleon.

This is similar to these issues: #25 and #19.

I'll have to do some more research to see what's the best way to go about solving this.

from chameleon.

That's an interesting link but I'm not sure if it's possible to spoof media queries.

from chameleon.

Thanks for the input @Thorin-Oakenpants. I'm going to start working on the "Recommended Setup" page of the wiki and will be sure to mention that.

@danielcra Looks like uMatrix is your best bet.

@jahnson v0.8.0 fixes the spoofing issues.

from chameleon.

Thank you all for your helpful input & to @sereneblue for fixing the spoofing issues.

from chameleon.

@Thorin-Oakenpants good idea, although it might still be impossible to block those media when 1st party.
Therefore it might be a good idea to have script that parses those @media tags, remove any HTTP requests in them, or at least notify about them, clean them by modifying it if needed.
Does such script / webext exist ?

from chameleon.