| |
@@ -26,7 +26,7 @@
|
| |
/**
|
| |
* Wrapping groups
|
| |
*
|
| |
- * Used to control the built-in levels and GUI (e.g. level tweaks).
|
| |
+ * Used to control the built-in levels and options GUI.
|
| |
*/
|
| |
var wrapping_groups = {
|
| |
empty_level: { /// Automatically populated
|
| |
@@ -34,14 +34,17 @@
|
| |
level_id: "",
|
| |
level_description: "",
|
| |
},
|
| |
- group_map: {}, ///Automatically populated
|
| |
- wrapper_map: {}, ///Automatically populated
|
| |
- group_names: [], ///Automatically populated
|
| |
+ option_map: {}, ///Automatically populated
|
| |
+ associated_params: {}, ///Automatically populated
|
| |
get_wrappers: function(level) {
|
| |
wrappers = [];
|
| |
for (group of wrapping_groups.groups) {
|
| |
- if ((level[group.id] !== undefined) && level[group.id] !== 0) {
|
| |
- let arg_values = group.params[level[group.id] - 1].config;
|
| |
+ if (level[group.id] === true) {
|
| |
+ let arg_names = wrapping_groups.associated_params[group.id];
|
| |
+ let arg_values = arg_names.reduce(function(prev, name) {
|
| |
+ prev.push(level[name]);
|
| |
+ return prev;
|
| |
+ }, []);
|
| |
group.wrappers.forEach((w) => wrappers.push([w, ...arg_values]));
|
| |
}
|
| |
}
|
| |
@@ -51,23 +54,36 @@
|
| |
{
|
| |
name: "time_precision",
|
| |
label: "Time precision",
|
| |
- description: "Prevent attacks and fingerprinting techniques relying on precise time measurement (or make them harder).",
|
| |
- description2: ["Limit the precision of high resolution time stamps (Date, Performance, events, Gamepad API, Web VR API). Timestamps provided by the Geolocation API are wrapped as well if you enable Geolocation API wrapping"],
|
| |
- params: [
|
| |
- {
|
| |
- short: "Poor",
|
| |
- description: "Round time to hundredths of a second (1.230)",
|
| |
- config: [2, false],
|
| |
- },
|
| |
- {
|
| |
- short: "Low",
|
| |
- description: "Round time to tenths of a second (1.200)",
|
| |
- config: [1, false],
|
| |
- },
|
| |
- {
|
| |
- short: "High",
|
| |
- description: "Randomize decimal digits with noise (1.451)",
|
| |
- config: [0, true],
|
| |
+ description: "Limit the precision of high resolution time stamps (Date, Performance, events, Gamepad API, Web VR API)",
|
| |
+ description2: ["Timestamps provided by the Geolocation API are wrapped as well if you enable Geolocation API wrapping"],
|
| |
+ options: [
|
| |
+ {
|
| |
+ description: "Manipulate time to",
|
| |
+ ui_elem: "select",
|
| |
+ name: "precision",
|
| |
+ default: 1,
|
| |
+ data_type: "Number",
|
| |
+ options: [
|
| |
+ {
|
| |
+ value: 2,
|
| |
+ description: "Hundredths of a second (1.230)",
|
| |
+ },
|
| |
+ {
|
| |
+ value: 1,
|
| |
+ description: "Tenths of a second (1.200)",
|
| |
+ },
|
| |
+ {
|
| |
+ value: 0,
|
| |
+ description: "Full seconds (1.000)",
|
| |
+ },
|
| |
+ ],
|
| |
+ },
|
| |
+ {
|
| |
+ ui_elem: "input-checkbox",
|
| |
+ name: "randomize",
|
| |
+ description: "Apply additional randomization after rounding (note that the random noise is influenced by the selected precision and consequently is more effective with lower time precision)",
|
| |
+ data_type: "Boolean",
|
| |
+ default: false,
|
| |
},
|
| |
],
|
| |
wrappers: [
|
| |
@@ -89,24 +105,30 @@
|
| |
},
|
| |
{
|
| |
name: "htmlcanvaselement",
|
| |
- label: "Localy rendered images",
|
| |
- description: "Protect against canvas fingerprinting.",
|
| |
+ description: "Protect against canvas fingerprinting",
|
| |
description2: [
|
| |
"Functions canvas.toDataURL(), canvas.toBlob(), CanvasRenderingContext2D.getImageData(), OffscreenCanvas.convertToBlob() return modified image data to prevent fingerprinting",
|
| |
"CanvasRenderingContext2D.isPointInStroke() and CanvasRenderingContext2D.isPointInPath() are modified to lie with probability"
|
| |
],
|
| |
- params: [
|
| |
- {
|
| |
- short: "Little lies",
|
| |
- description: "Alter image data based on domain hash",
|
| |
- config: [0],
|
| |
- },
|
| |
- {
|
| |
- short: "Strict",
|
| |
- description: "Replace by white image",
|
| |
- config: [1],
|
| |
- },
|
| |
- ],
|
| |
+ options: [
|
| |
+ {
|
| |
+ description: "farbling type",
|
| |
+ ui_elem: "select",
|
| |
+ name: "method",
|
| |
+ default: 0,
|
| |
+ data_type: "Number",
|
| |
+ options: [
|
| |
+ {
|
| |
+ value: 0,
|
| |
+ description: "Alter image data based on domain and session hashes",
|
| |
+ },
|
| |
+ {
|
| |
+ value: 1,
|
| |
+ description: "Replace by white image",
|
| |
+ }
|
| |
+ ],
|
| |
+ }
|
| |
+ ],
|
| |
wrappers: [
|
| |
// H-C
|
| |
"CanvasRenderingContext2D.prototype.getImageData",
|
| |
@@ -119,22 +141,28 @@
|
| |
},
|
| |
{
|
| |
name: "audiobuffer",
|
| |
- label: "Locally generated audio and audio card information",
|
| |
- description: "Protect against audio fingerprinting, spoof details of your audio card.",
|
| |
+ description: "Protect against audio fingerprinting",
|
| |
description2: [
|
| |
"Functions AudioBuffer.getChannelData(), AudioBuffer.copyFromChannel(), AnalyserNode.getByteTimeDomainData(), AnalyserNode.getFloatTimeDomainData(), AnalyserNode.getByteFrequencyData() and AnalyserNode.getFloatFrequencyData() are modified to alter audio data based on domain key"
|
| |
],
|
| |
- params: [
|
| |
- {
|
| |
- short: "Little lies",
|
| |
- description: "Add amplitude noise based on domain hash",
|
| |
- config: [0],
|
| |
- },
|
| |
- {
|
| |
- short: "Strict",
|
| |
- description: "Replace by white noise based on domain hash",
|
| |
- config: [1],
|
| |
- },
|
| |
+ options: [
|
| |
+ {
|
| |
+ description: "farbling type",
|
| |
+ ui_elem: "select",
|
| |
+ name: "method",
|
| |
+ default: 0,
|
| |
+ data_type: "Number",
|
| |
+ options: [
|
| |
+ {
|
| |
+ value: 0,
|
| |
+ description: "Add amplitude noise based on domain hash",
|
| |
+ },
|
| |
+ {
|
| |
+ value: 1,
|
| |
+ description: "Replace by white noise based on domain hash",
|
| |
+ }
|
| |
+ ],
|
| |
+ }
|
| |
],
|
| |
wrappers: [
|
| |
// AUDIO
|
| |
@@ -148,25 +176,29 @@
|
| |
},
|
| |
{
|
| |
name: "webgl",
|
| |
- label: "Localy rendered images and graphic card information",
|
| |
- description: "Protect against WEBGL fingerprinting, spoof details of your graphic card.",
|
| |
+ description: "Protect against WEBGL fingerprinting",
|
| |
description2: [
|
| |
"Function WebGLRenderingContext.getParameter() returns modified/bottom values for certain parameters",
|
| |
"WebGLRenderingContext functions .getFramebufferAttachmentParameter(), .getActiveAttrib(), .getActiveUniform(), .getAttribLocation(), .getBufferParameter(), .getProgramParameter(), .getRenderbufferParameter(), .getShaderParameter(), .getShaderPrecisionFormat(), .getTexParameter(), .getUniformLocation(), .getVertexAttribOffset(), .getSupportedExtensions() and .getExtension() return modified values",
|
| |
"Function WebGLRenderingContext.readPixels() returns modified image data to prevent fingerprinting"
|
| |
],
|
| |
- params: [
|
| |
- {
|
| |
- short: "Little lies",
|
| |
- description: "Generate random numbers/strings and modify canvas using domain hash",
|
| |
- config: [0],
|
| |
- },
|
| |
- {
|
| |
- short: "Strict",
|
| |
- description: "Return bottom values (null, empty string), empty canvas",
|
| |
- config: [1],
|
| |
- },
|
| |
- ],
|
| |
+ options: [{
|
| |
+ description: "farbling type",
|
| |
+ ui_elem: "select",
|
| |
+ name: "method",
|
| |
+ default: 0,
|
| |
+ data_type: "Number",
|
| |
+ options: [
|
| |
+ {
|
| |
+ value: 0,
|
| |
+ description: "Generate random numbers/strings based on domain hash, modified canvas",
|
| |
+ },
|
| |
+ {
|
| |
+ value: 1,
|
| |
+ description: "Return bottom values (null, empty string), empty canvas",
|
| |
+ }
|
| |
+ ],
|
| |
+ }],
|
| |
wrappers: [
|
| |
// WEBGL
|
| |
"WebGLRenderingContext.prototype.getParameter",
|
| |
@@ -205,26 +237,29 @@
|
| |
},
|
| |
{
|
| |
name: "plugins",
|
| |
- label: "Installed browser plugins",
|
| |
description: "Protect against plugin fingerprinting",
|
| |
description2: [],
|
| |
- params: [
|
| |
- {
|
| |
- short: "Little lies",
|
| |
- description: "Edit current and add two fake plugins",
|
| |
- config: [0],
|
| |
- },
|
| |
- {
|
| |
- short: "Fake",
|
| |
- description: "Return two fake plugins",
|
| |
- config: [1],
|
| |
- },
|
| |
- {
|
| |
- short: "Empty",
|
| |
- description: "Return empty",
|
| |
- config: [2],
|
| |
- },
|
| |
- ],
|
| |
+ options: [{
|
| |
+ description: "farbling type",
|
| |
+ ui_elem: "select",
|
| |
+ name: "method",
|
| |
+ default: 0,
|
| |
+ data_type: "Number",
|
| |
+ options: [
|
| |
+ {
|
| |
+ value: 0,
|
| |
+ description: "Edit current and add two fake plugins",
|
| |
+ },
|
| |
+ {
|
| |
+ value: 1,
|
| |
+ description: "Return two fake plugins",
|
| |
+ },
|
| |
+ {
|
| |
+ value: 2,
|
| |
+ description: "Return empty"
|
| |
+ }
|
| |
+ ],
|
| |
+ }],
|
| |
wrappers: [
|
| |
// NP
|
| |
"Navigator.prototype.plugins", // also modifies "Navigator.prototype.mimeTypes",
|
| |
@@ -232,28 +267,31 @@
|
| |
},
|
| |
{
|
| |
name: "enumerateDevices",
|
| |
- label: "Connected cameras and microphones",
|
| |
description: "Prevent fingerprinting based on the multimedia devices connected to the computer",
|
| |
description2: [
|
| |
"Function MediaDevices.enumerateDevices() is modified to return empty or modified result"
|
| |
],
|
| |
- params: [
|
| |
- {
|
| |
- short: "Little lies",
|
| |
- description: "Randomize order",
|
| |
- config: [0],
|
| |
- },
|
| |
- {
|
| |
- short: "Add fake",
|
| |
- description: "Add 0-4 fake devices and randomize order",
|
| |
- config: [1],
|
| |
- },
|
| |
- {
|
| |
- short: "Empty",
|
| |
- description: "Return empty",
|
| |
- config: [2],
|
| |
- },
|
| |
- ],
|
| |
+ options: [{
|
| |
+ description: "farbling type",
|
| |
+ ui_elem: "select",
|
| |
+ name: "method",
|
| |
+ default: 0,
|
| |
+ data_type: "Number",
|
| |
+ options: [
|
| |
+ {
|
| |
+ value: 0,
|
| |
+ description: "Randomize order",
|
| |
+ },
|
| |
+ {
|
| |
+ value: 1,
|
| |
+ description: "Add 0-4 fake devices and randomize order",
|
| |
+ },
|
| |
+ {
|
| |
+ value: 2,
|
| |
+ description: "Return empty promise"
|
| |
+ }
|
| |
+ ],
|
| |
+ }],
|
| |
wrappers: [
|
| |
// MCS
|
| |
"MediaDevices.prototype.enumerateDevices",
|
| |
@@ -261,28 +299,31 @@
|
| |
},
|
| |
{
|
| |
name: "hardware",
|
| |
- label: "Device memory and CPU",
|
| |
- description: "Spoof hardware information on the amount of RAM and CPU count.",
|
| |
+ description: "Spoof hardware information to the most popular HW",
|
| |
description2: [
|
| |
"Getters navigator.deviceMemory and navigator.hardwareConcurrency return modified values",
|
| |
],
|
| |
- params: [
|
| |
- {
|
| |
- short: "Low",
|
| |
- description: "Return random valid value between minimum and real value",
|
| |
- config: [0],
|
| |
- },
|
| |
- {
|
| |
- short: "Medium",
|
| |
- description: "Return random valid value between minimum and 8",
|
| |
- config: [1],
|
| |
- },
|
| |
- {
|
| |
- short: "High",
|
| |
- description: "Return 4 for navigator.deviceMemory and 2 for navigator.hardwareConcurrency",
|
| |
- config: [2],
|
| |
- },
|
| |
- ],
|
| |
+ options: [{
|
| |
+ description: "farbling type",
|
| |
+ ui_elem: "select",
|
| |
+ name: "method",
|
| |
+ default: 0,
|
| |
+ data_type: "Number",
|
| |
+ options: [
|
| |
+ {
|
| |
+ value: 0,
|
| |
+ description: "Return random valid value between minimum and real value",
|
| |
+ },
|
| |
+ {
|
| |
+ value: 1,
|
| |
+ description: "Return random valid value between minimum and 8.0",
|
| |
+ },
|
| |
+ {
|
| |
+ value: 2,
|
| |
+ description: "Return 4 for navigator.deviceMemory and 2 for navigator.hardwareConcurrency"
|
| |
+ }
|
| |
+ ],
|
| |
+ }],
|
| |
wrappers: [
|
| |
// HTML-LS
|
| |
"Navigator.prototype.hardwareConcurrency",
|
| |
@@ -292,19 +333,25 @@
|
| |
},
|
| |
{
|
| |
name: "xhr",
|
| |
- label: "XMLHttpRequest requests (XHR)",
|
| |
- description: "Filter reliable XHR requests to server.",
|
| |
- description2: ["Note that these requests are broadly employed for benign purposes and also note that Fetch, SSE, WebRTC, and WebSockets APIs are not blocked. All provide similar and some even better means of communication with server. For practical usage, we recommend activating Fingerprint Detector instead of XHR wrappers. JShelter keeps the wrapper as it is useful for some users mainly for experimental reasons."],
|
| |
- params: [
|
| |
- {
|
| |
- short: "Ask",
|
| |
- description: "Ask before executing an XHR request",
|
| |
- config: [false, true],
|
| |
- },
|
| |
- {
|
| |
- short: "Block",
|
| |
- description: "Block all XMLHttpRequests",
|
| |
- config: [true, false],
|
| |
+ description: "Filter XMLHttpRequest requests",
|
| |
+ description2: [],
|
| |
+ options: [
|
| |
+ {
|
| |
+ ui_elem: "input-radio",
|
| |
+ name: "behaviour",
|
| |
+ data_type: "Boolean",
|
| |
+ options: [
|
| |
+ {
|
| |
+ value: "block",
|
| |
+ description: "Block all XMLHttpRequest.",
|
| |
+ default: false,
|
| |
+ },
|
| |
+ {
|
| |
+ value: "ask",
|
| |
+ description: "Ask before executing an XHR request.",
|
| |
+ default: true,
|
| |
+ },
|
| |
+ ],
|
| |
},
|
| |
],
|
| |
wrappers: [
|
| |
@@ -315,19 +362,15 @@
|
| |
},
|
| |
{
|
| |
name: "arrays",
|
| |
- label: "ArrayBuffer",
|
| |
- description: "Protect against ArrayBuffer exploitation, for example, to prevent side channel attacks on memory layout (or make them harder).",
|
| |
+ description: "Protect against ArrayBuffer exploitation",
|
| |
description2: [],
|
| |
- params: [
|
| |
+ options: [
|
| |
{
|
| |
- short: "Shift",
|
| |
- description: "Shift indexes to make memory page boundaries detection harder",
|
| |
- config: [false],
|
| |
- },
|
| |
- {
|
| |
- short: "Randomize",
|
| |
- description: "Use random mapping of array indexing to memory",
|
| |
- config: [true],
|
| |
+ ui_elem: "input-checkbox",
|
| |
+ name: "mapping",
|
| |
+ description: "Use random mapping of array indexing to memory.",
|
| |
+ data_type: "Boolean",
|
| |
+ default: false,
|
| |
},
|
| |
],
|
| |
wrappers: [
|
| |
@@ -345,19 +388,25 @@
|
| |
},
|
| |
{
|
| |
name: "shared_array",
|
| |
- label: "SharedArrayBuffer",
|
| |
- description: "Protect against SharedArrayBuffer exploitation, for example, to prevent side channel attacks on memory layout (or make them harder).",
|
| |
+ description: "Protect against SharedArrayBuffer exploitation:",
|
| |
description2: [],
|
| |
- params: [
|
| |
- {
|
| |
- short: "Medium",
|
| |
- description: "Randomly slow messages to prevent high resolution timers",
|
| |
- config: [false],
|
| |
- },
|
| |
- {
|
| |
- short: "Strict",
|
| |
- description: "Block SharedArrayBuffer",
|
| |
- config: [true],
|
| |
+ options: [
|
| |
+ {
|
| |
+ ui_elem: "input-radio",
|
| |
+ name: "approach",
|
| |
+ data_type: "Boolean",
|
| |
+ options: [
|
| |
+ {
|
| |
+ value: "block",
|
| |
+ description: "Block SharedArrayBuffer.",
|
| |
+ default: true,
|
| |
+ },
|
| |
+ {
|
| |
+ value: "polyfill",
|
| |
+ description: "Randomly slow messages to prevent high resolution timers.",
|
| |
+ default: false,
|
| |
+ },
|
| |
+ ],
|
| |
},
|
| |
],
|
| |
wrappers: [
|
| |
@@ -367,19 +416,25 @@
|
| |
},
|
| |
{
|
| |
name: "webworker",
|
| |
- label: "WebWorker",
|
| |
- description: "Protect against WebWorker exploitation, for example, to provide high resolution timers",
|
| |
+ description: "Protect against WebWorker exploitation",
|
| |
description2: [],
|
| |
- params: [
|
| |
- {
|
| |
- short: "Medium",
|
| |
- description: "Randomly slow messages to prevent high resolution timers",
|
| |
- config: [false],
|
| |
- },
|
| |
- {
|
| |
- short: "Strict",
|
| |
- description: "Remove real parallelism, use WebWorker polyfill",
|
| |
- config: [true],
|
| |
+ options: [
|
| |
+ {
|
| |
+ ui_elem: "input-radio",
|
| |
+ name: "approach",
|
| |
+ data_type: "Boolean",
|
| |
+ options: [
|
| |
+ {
|
| |
+ value: "polyfill",
|
| |
+ description: "Remove real parallelism, use WebWorker polyfill.",
|
| |
+ default: true,
|
| |
+ },
|
| |
+ {
|
| |
+ value: "slow",
|
| |
+ description: "Randomly slow messages to prevent high resolution timers.",
|
| |
+ default: false,
|
| |
+ },
|
| |
+ ],
|
| |
},
|
| |
],
|
| |
wrappers: [
|
| |
@@ -388,39 +443,45 @@
|
| |
},
|
| |
{
|
| |
name: "geolocation",
|
| |
- label: "Physical location (geolocation)",
|
| |
- description: "Limit the information on real-world position provided by Geolocation API.",
|
| |
+ description: "Geolocation API wrapping",
|
| |
description2: [],
|
| |
- params: [
|
| |
- {
|
| |
- short: "Timestamp-only",
|
| |
- description: "Provide accurate data (use when you really need to provide exact location and you want to protect geolocation timestamps)",
|
| |
- config: [-1],
|
| |
- },
|
| |
- {
|
| |
- short: "Village",
|
| |
- description: "Use accuracy of hundreds of meters",
|
| |
- config: [2],
|
| |
- },
|
| |
- {
|
| |
- short: "Town",
|
| |
- description: "Use accuracy of kilometers",
|
| |
- config: [3],
|
| |
- },
|
| |
- {
|
| |
- short: "Region",
|
| |
- description: "Use accuracy of tens of kilometers",
|
| |
- config: [4],
|
| |
- },
|
| |
- {
|
| |
- short: "Long distance",
|
| |
- description: "Use accuracy of hundreds of kilometers",
|
| |
- config: [5],
|
| |
- },
|
| |
- {
|
| |
- short: "Strict",
|
| |
- description: "Turn location services off",
|
| |
- config: [0],
|
| |
+ options: [
|
| |
+ {
|
| |
+ description: "Location obfuscation",
|
| |
+ ui_elem: "select",
|
| |
+ name: "locationObfuscationType",
|
| |
+ default: 0,
|
| |
+ data_type: "Number",
|
| |
+ options: [
|
| |
+ {
|
| |
+ value: 0,
|
| |
+ description: "Turn location services off",
|
| |
+ },
|
| |
+ //{
|
| |
+ // value: 1,
|
| |
+ // description: "Use the position below",
|
| |
+ //},
|
| |
+ {
|
| |
+ value: 2,
|
| |
+ description: "Use accuracy of hundreds of meters",
|
| |
+ },
|
| |
+ {
|
| |
+ value: 3,
|
| |
+ description: "Use accuracy of kilometers",
|
| |
+ },
|
| |
+ {
|
| |
+ value: 4,
|
| |
+ description: "Use accuracy of tens of kilometers",
|
| |
+ },
|
| |
+ {
|
| |
+ value: 5,
|
| |
+ description: "Use accuracy of hundreds of kilometers",
|
| |
+ },
|
| |
+ {
|
| |
+ value: -1,
|
| |
+ description: "Provide accurate data (use when you really need to provide exact location)",
|
| |
+ },
|
| |
+ ],
|
| |
},
|
| |
],
|
| |
wrappers: [
|
| |
@@ -437,14 +498,15 @@
|
| |
},
|
| |
{
|
| |
name: "physical_environment",
|
| |
- label: "Physical environement sensors",
|
| |
- description: "Limit the information provided by physical environment sensors like Magnetometer or Accelerometer.",
|
| |
+ description: "Wrapping APIs for scanning properties of the physical environment",
|
| |
description2: [],
|
| |
- params: [
|
| |
+ options: [
|
| |
{
|
| |
- short: "High",
|
| |
- description: "Emulate stationary device based on domain hash",
|
| |
- config: [true],
|
| |
+ name: "emulateStationaryDevice",
|
| |
+ description: "Emulate stationary device",
|
| |
+ data_type: "Boolean",
|
| |
+ ui_elem: "input-checkbox",
|
| |
+ default: true,
|
| |
},
|
| |
],
|
| |
wrappers: [
|
| |
@@ -460,30 +522,18 @@
|
| |
"Accelerometer.prototype.y",
|
| |
"Accelerometer.prototype.z",
|
| |
|
| |
- // Gyroscope
|
| |
- "Gyroscope.prototype.x",
|
| |
- "Gyroscope.prototype.y",
|
| |
- "Gyroscope.prototype.z",
|
| |
-
|
| |
- // AbsoluteOrientationSensor and RelativeOrientationSensor
|
| |
- "OrientationSensor.prototype.quaternion",
|
| |
-
|
| |
- // AmbientLightSensor
|
| |
- "AmbientLightSensor.prototype.illuminance"
|
| |
+ // Here, we will add references to other GenericSensorAPI
|
| |
+ // sensor wrappers (DeviceOrientationSensor, AmbientLightSensor,
|
| |
+ // ProximitySensor, ...)
|
| |
+ // We should also decide whether Bluetooth / NFC belongs here
|
| |
],
|
| |
},
|
| |
{
|
| |
name: "gamepads",
|
| |
- label: "Gamepads",
|
| |
- description: "Prevent websites from accessing and learning information on local gamepads.",
|
| |
+ description: "Prevent websites from learning information on local gamepads",
|
| |
description2: [],
|
| |
- params: [
|
| |
- {
|
| |
- short: "Strict",
|
| |
- description: "Hide all gamepads",
|
| |
- config: [true],
|
| |
- },
|
| |
- ],
|
| |
+ default: true,
|
| |
+ options: [],
|
| |
wrappers: [
|
| |
// GAMEPAD
|
| |
"Navigator.prototype.getGamepads",
|
| |
@@ -491,16 +541,10 @@
|
| |
},
|
| |
{
|
| |
name: "vr",
|
| |
- label: "Virtual and augmented reality devices",
|
| |
- description: "Prevent websites from accessing and learning information on local virtual and augmented reality displays.",
|
| |
+ description: "Prevent websites from learning information on local Virtual Reality displays",
|
| |
description2: [],
|
| |
- params: [
|
| |
- {
|
| |
- short: "Strict",
|
| |
- description: "Hide all devices",
|
| |
- config: [],
|
| |
- },
|
| |
- ],
|
| |
+ default: true,
|
| |
+ options: [],
|
| |
wrappers: [
|
| |
// VR
|
| |
"Navigator.prototype.activeVRDisplays",
|
| |
@@ -510,16 +554,10 @@
|
| |
},
|
| |
{
|
| |
name: "analytics",
|
| |
- label: "Unreliable transfers to server (beacons)",
|
| |
- description: "Prevent unreliable transfers to server (beacons).",
|
| |
- description2: ["Such transfers are typically misused for analytics but occassionally may be used by e-shops or other pages.", "Prevent sending information through Beacon API."],
|
| |
- params: [
|
| |
- {
|
| |
- short: "Disabled",
|
| |
- description: "The wrapper performs no action",
|
| |
- config: [],
|
| |
- },
|
| |
- ],
|
| |
+ description: "Prevent sending analytics through Beacon API",
|
| |
+ description2: [],
|
| |
+ default: true,
|
| |
+ options: [],
|
| |
wrappers: [
|
| |
// BEACON
|
| |
"Navigator.prototype.sendBeacon",
|
| |
@@ -527,16 +565,10 @@
|
| |
},
|
| |
{
|
| |
name: "battery",
|
| |
- label: "Hardware battery",
|
| |
description: "Disable Battery status API",
|
| |
description2: [],
|
| |
- params: [
|
| |
- {
|
| |
- short: "Disabled",
|
| |
- description: "Disable the API",
|
| |
- config: [],
|
| |
- },
|
| |
- ],
|
| |
+ default: true,
|
| |
+ options: [],
|
| |
wrappers: [
|
| |
// BATTERY
|
| |
"Navigator.prototype.getBattery",
|
| |
@@ -545,16 +577,10 @@
|
| |
},
|
| |
{
|
| |
name: "windowname",
|
| |
- label: "Persistent identifier of the browser tab",
|
| |
- description: "Clear window.name value on the webpage loading.",
|
| |
- description2: ["This API might be occasionally used for benign purposes.", "This API provides a possibility to detect cross-site browsing in one tab and broser session."],
|
| |
- params: [
|
| |
- {
|
| |
- short: "Strict",
|
| |
- description: "Clear during page reload",
|
| |
- config: [],
|
| |
- },
|
| |
- ],
|
| |
+ description: "Clear window.name value on the webpage loading",
|
| |
+ description2: [],
|
| |
+ default: true,
|
| |
+ options: [],
|
| |
wrappers: [
|
| |
// WINDOW-NAME
|
| |
"window.name",
|
| |
@@ -601,14 +627,32 @@
|
| |
/// Automatically populate infered metadata in wrapping_groups.
|
| |
wrapping_groups.groups.forEach(function (group) {
|
| |
group.id = group.name;
|
| |
- if (!are_all_api_unsupported(group.wrappers)) {
|
| |
- wrapping_groups.group_names.push(group.name);
|
| |
- wrapping_groups.empty_level[group.id] = 0;
|
| |
- }
|
| |
- wrapping_groups.group_map[group.id] = group
|
| |
- for (wrapper_name of group.wrappers) {
|
| |
- wrapping_groups.wrapper_map[wrapper_name] = group.name;
|
| |
- }
|
| |
+ group.data_type = "Boolean";
|
| |
+ group.ui_elem = "input-checkbox";
|
| |
+ wrapping_groups.empty_level[group.id] = are_all_api_unsupported(group.wrappers) ? true : Boolean(group.default);
|
| |
+ wrapping_groups.option_map[group.id] = group
|
| |
+ wrapping_groups.associated_params[group.id] = [];
|
| |
+ group.options.forEach((function (gid, option) {
|
| |
+ option.id = `${gid}_${option.name}`;
|
| |
+ if (option.default !== undefined) {
|
| |
+ wrapping_groups.empty_level[option.id] = option.default;
|
| |
+ wrapping_groups.associated_params[group.id].push(option.id);
|
| |
+ }
|
| |
+ wrapping_groups.option_map[option.id] = option;
|
| |
+ if (option.options !== undefined) {
|
| |
+ option.options.forEach((function (oid, choice) {
|
| |
+ choice.id = `${oid}_${choice.value}`;
|
| |
+ if (choice.default !== undefined) {
|
| |
+ wrapping_groups.empty_level[choice.id] = choice.default;
|
| |
+ wrapping_groups.associated_params[group.id].push(choice.id);
|
| |
+ }
|
| |
+ if (choice.ui_elem === undefined && option.ui_elem !== undefined) {
|
| |
+ choice.ui_elem = option.ui_elem;
|
| |
+ }
|
| |
+ wrapping_groups.option_map[choice.id] = choice;
|
| |
+ }).bind(null, option.id));
|
| |
+ }
|
| |
+ }).bind(null, group.id));
|
| |
});
|
| |
|
| |
// *****************************************************************************
|
| |
@@ -619,83 +663,110 @@
|
| |
const L1 = "1";
|
| |
const L2 = "2";
|
| |
const L3 = "3";
|
| |
- const L_EXPERIMENTAL = "Experiment"; // Use a long ID so that it is not in conflict with pre0.7 user-defined levels
|
| |
|
| |
/// Built-in levels
|
| |
var level_0 = {
|
| |
"builtin": true,
|
| |
"level_id": L0,
|
| |
- "level_text": "Turn JavaScript Shield off",
|
| |
- "level_description": "JavaScript APIs are not wrapped. Use this level if you trust the oprator of the visited page(s) or if you do not like JavaScript Shield but apply other protection mechanisms.",
|
| |
+ "level_text": "Turn wrappers off",
|
| |
+ "level_description": "No protection at all",
|
| |
+ };
|
| |
+
|
| |
+ var level_1 = {
|
| |
+ "builtin": true,
|
| |
+ "level_id": L1,
|
| |
+ "level_text": "Minimal",
|
| |
+ "level_description": "Minimal level of protection",
|
| |
+ "time_precision": true,
|
| |
+ "time_precision_precision": 2,
|
| |
+ "time_precision_randomize": false,
|
| |
+ "hardware": true,
|
| |
+ "hardware_method": 0,
|
| |
+ "battery": true,
|
| |
+ "plugins": true,
|
| |
+ "plugins_method": 0,
|
| |
+ "geolocation": true,
|
| |
+ "geolocation_locationObfuscationType": 2,
|
| |
+ "analytics": true,
|
| |
+ "windowname": true,
|
| |
+ "physical_environment": true,
|
| |
+ "physical_environment_emulateStationaryDevice": true,
|
| |
};
|
| |
|
| |
var level_2 = {
|
| |
"builtin": true,
|
| |
"level_id": L2,
|
| |
"level_text": "Recommended",
|
| |
- "level_description": "Make the browser appear differently to distinct fingerprinters. Apply security counter-measures that are likely not to break web pages. Slightly modify the results of API calls in different way on different domains so that the cross-site fingerprint is not stable. The generated fingerprint values also differ with each browser restart. If you need a different fingerprint for the same website without restart, use incognito mode. Keep in mind that even if you log out from a site, clear your cookies, change your IP address, the modified APIs will provide a way to compute the same fingerprint. Restart your browser if you want to change your fingerprint. If in doubt, use this level.",
|
| |
- "time_precision": 3,
|
| |
- "htmlcanvaselement": 1,
|
| |
- "audiobuffer": 1,
|
| |
- "webgl": 1,
|
| |
- "plugins": 2,
|
| |
- "enumerateDevices": 2,
|
| |
- "hardware": 1,
|
| |
- "geolocation": 3,
|
| |
- "physical_environment": 1,
|
| |
- "gamepads": 1,
|
| |
- "vr": 1,
|
| |
- "analytics": 1,
|
| |
- "battery": 1,
|
| |
- "windowname": 1,
|
| |
+ "level_description": "Recommended level of protection for most sites",
|
| |
+ "time_precision": true,
|
| |
+ "time_precision_precision": 1,
|
| |
+ "time_precision_randomize": false,
|
| |
+ "hardware": true,
|
| |
+ "hardware_method": 0,
|
| |
+ "battery": true,
|
| |
+ "htmlcanvaselement": true,
|
| |
+ "htmlcanvaselement_method": 0,
|
| |
+ "audiobuffer": true,
|
| |
+ "audiobuffer_method": 0,
|
| |
+ "webgl": true,
|
| |
+ "webgl_method": 0,
|
| |
+ "plugins": true,
|
| |
+ "plugins_method": 1,
|
| |
+ "enumerateDevices": true,
|
| |
+ "enumerateDevices_method": 1,
|
| |
+ "geolocation": true,
|
| |
+ "geolocation_locationObfuscationType": 3,
|
| |
+ "gamepads": true,
|
| |
+ "vr": true,
|
| |
+ "analytics": true,
|
| |
+ "windowname": true,
|
| |
+ "physical_environment": true,
|
| |
+ "physical_environment_emulateStationaryDevice": true,
|
| |
};
|
| |
|
| |
var level_3 = {
|
| |
"builtin": true,
|
| |
"level_id": L3,
|
| |
- "level_text": "Strict",
|
| |
- "level_description": "Enable all non-experimental protection. The wrapped APIs return fake values. Some APIs are blocked completely, others provide meaningful but rare values. Some return values are meaningless. This level will make you fingerprintable because the results of API calls are generally modified in the same way on all webistes and in each session. Use this level if you want to limit the information provided by your browser. If you are worried about fingerprinters, make sure the Fingerprint Detector is activated.",
|
| |
- "time_precision": 3,
|
| |
- "htmlcanvaselement": 2,
|
| |
- "audiobuffer": 2,
|
| |
- "webgl": 2,
|
| |
- "plugins": 3,
|
| |
- "enumerateDevices": 3,
|
| |
- "hardware": 3,
|
| |
- "webworker": 2,
|
| |
- "geolocation": 6,
|
| |
- "physical_environment": 1,
|
| |
- "gamepads": 1,
|
| |
- "vr": 1,
|
| |
- "analytics": 1,
|
| |
- "battery": 1,
|
| |
- "windowname": 1,
|
| |
+ "level_text": "High",
|
| |
+ "level_description": "High level of protection",
|
| |
+ "time_precision": true,
|
| |
+ "time_precision_precision": 0,
|
| |
+ "time_precision_randomize": true,
|
| |
+ "hardware": true,
|
| |
+ "hardware_method": 2,
|
| |
+ "battery": true,
|
| |
+ "htmlcanvaselement": true,
|
| |
+ "htmlcanvaselement_method": 1,
|
| |
+ "audiobuffer": true,
|
| |
+ "audiobuffer_method": 1,
|
| |
+ "webgl": true,
|
| |
+ "webgl_method": 1,
|
| |
+ "plugins": true,
|
| |
+ "plugins_method": 2,
|
| |
+ "enumerateDevices": true,
|
| |
+ "enumerateDevices_method": 2,
|
| |
+ "xhr": true,
|
| |
+ "xhr_behaviour_block": false,
|
| |
+ "xhr_behaviour_ask": true,
|
| |
+ "arrays": true,
|
| |
+ "arrays_mapping": true,
|
| |
+ "shared_array": true,
|
| |
+ "shared_array_approach_block": true,
|
| |
+ "shared_array_approach_polyfill": false,
|
| |
+ "webworker": true,
|
| |
+ "webworker_approach_polyfill": true,
|
| |
+ "webworker_approach_slow": false,
|
| |
+ "geolocation": true,
|
| |
+ "geolocation_locationObfuscationType": 0,
|
| |
+ "gamepads": true,
|
| |
+ "vr": true,
|
| |
+ "analytics": true,
|
| |
+ "windowname": true,
|
| |
+ "physical_environment": true,
|
| |
+ "physical_environment_emulateStationaryDevice": true,
|
| |
};
|
| |
|
| |
- var level_experimental = {
|
| |
- "builtin": true,
|
| |
- "level_id": L_EXPERIMENTAL,
|
| |
- "level_text": "Experimental",
|
| |
- "level_description": "Strict level protections with additional wrappers enabled (including APIs known to regularly break webpages and APIs that do not work perfectly). Use this level if you want to experiment with JShelter. Use Recommended or Strict level with active Fingerprint Detector for your regular activities.",
|
| |
- "time_precision": 3,
|
| |
- "htmlcanvaselement": 2,
|
| |
- "audiobuffer": 2,
|
| |
- "webgl": 2,
|
| |
- "plugins": 3,
|
| |
- "enumerateDevices": 3,
|
| |
- "hardware": 3,
|
| |
- "xhr": 1,
|
| |
- "arrays": 2,
|
| |
- "shared_array": 2,
|
| |
- "webworker": 2,
|
| |
- "geolocation": 6,
|
| |
- "physical_environment": 1,
|
| |
- "gamepads": 1,
|
| |
- "vr": 1,
|
| |
- "analytics": 1,
|
| |
- "battery": 1,
|
| |
- "windowname": 1,
|
| |
- };
|
| |
+ const BUILTIN_LEVEL_NAMES = [L0, L1, L2, L3];
|
| |
|
| |
var levels = {};
|
| |
var default_level = {};
|
| |
@@ -704,9 +775,9 @@
|
| |
function init_levels() {
|
| |
levels = {
|
| |
[level_0.level_id]: level_0,
|
| |
+ [level_1.level_id]: level_1,
|
| |
[level_2.level_id]: level_2,
|
| |
- [level_3.level_id]: level_3,
|
| |
- [level_experimental.level_id]: level_experimental
|
| |
+ [level_3.level_id]: level_3
|
| |
};
|
| |
default_level = Object.create(levels[L2]);
|
| |
default_level.level_text = "Default";
|
| |
@@ -741,24 +812,31 @@
|
| |
}
|
| |
default_level.is_default = true;
|
| |
var new_domains = res["domains"] || {};
|
| |
- for (let [d, {level_id, tweaks, restore, restore_tweaks}] of Object.entries(new_domains)) {
|
| |
+ for (let [d, {level_id, tweaks}] of Object.entries(new_domains)) {
|
| |
let level = levels[level_id];
|
| |
if (level === undefined) {
|
| |
domains[d] = default_level;
|
| |
- }
|
| |
- else {
|
| |
- if (tweaks) {
|
| |
- // this domain has "tweaked" wrapper groups from other levels, let's merge them
|
| |
- level = Object.assign({}, level, tweaks);
|
| |
- level.tweaks = tweaks;
|
| |
- delete level.wrappers; // we will lazy instantiate them on demand in getCurrentLevelJSON()
|
| |
- }
|
| |
- if (restore) {
|
| |
- level.restore = restore;
|
| |
- if (restore_tweaks) {
|
| |
- level.restore_tweaks = restore_tweaks;
|
| |
+ } else if (tweaks) {
|
| |
+ // this domain has "tweaked" wrapper groups from other levels, let's merge them
|
| |
+ level = Object.assign({tweaks}, level);
|
| |
+ for ([group, tlev_id] of Object.entries(tweaks)) {
|
| |
+ if (tlev_id === level_id) {
|
| |
+ // redundant tweak: same level
|
| |
+ delete tweaks[group];
|
| |
+ continue;
|
| |
+ }
|
| |
+ // cleanup original group settings for this level
|
| |
+ delete level[group];
|
| |
+ let prefix = `${group}_`;
|
| |
+ for (let key of Object.keys(level).filter(k => k.startsWith(prefix))) delete[key];
|
| |
+ // now copy the group settings from the tweak level
|
| |
+ let tweakLevel = levels[tlev_id];
|
| |
+ if (tweakLevel[group]) {
|
| |
+ level[group] = tweakLevel[group];
|
| |
+ for (let key of Object.keys(tweakLevel).filter(k => k.startsWith(prefix))) level[key] = tweakLevel[key];
|
| |
}
|
| |
}
|
| |
+ delete level.wrappers; // we will lazy instantiate them on demand in getCurrentLevelJSON()
|
| |
}
|
| |
domains[d] = level;
|
| |
}
|
| |
@@ -781,27 +859,17 @@
|
| |
function saveDomainLevels() {
|
| |
tobesaved = {};
|
| |
for (k in domains) {
|
| |
- let {level_id, tweaks, restore, restore_tweaks} = domains[k];
|
| |
+ let {level_id, tweaks} = domains[k];
|
| |
if (k[k.length - 1] === ".") {
|
| |
k = k.substring(0, k.length-1);
|
| |
}
|
| |
if (tweaks) {
|
| |
- for (let [group, param] of Object.entries(tweaks)) {
|
| |
- if (param === (levels[level_id][group] || 0)) {
|
| |
- delete tweaks[group]; // remove redundant entries
|
| |
- }
|
| |
- }
|
| |
- if (Object.keys(tweaks).length === 0) {
|
| |
- tweaks = undefined;
|
| |
+ for (let [group, tlev_id] of Object.entries(tweaks)) {
|
| |
+ if (tlev_id === level_id) delete tweaks[group]; // remove redundant entries
|
| |
}
|
| |
+ if (Object.keys(tweaks).length === 0) delete tweaks;
|
| |
}
|
| |
tobesaved[k] = tweaks ? {level_id, tweaks} : {level_id};
|
| |
- if (restore) {
|
| |
- tobesaved[k].restore = restore;
|
| |
- if (restore_tweaks) {
|
| |
- tobesaved[k].restore_tweaks = restore_tweaks;
|
| |
- }
|
| |
- }
|
| |
}
|
| |
browser.storage.sync.set({domains: tobesaved});
|
| |
}
|
| |
@@ -820,14 +888,3 @@
|
| |
}
|
| |
return [default_level, wrapped_codes[default_level.level_id]];
|
| |
}
|
| |
-
|
| |
- function getTweaksForLevel(level_id, tweaks_obj) {
|
| |
- tweaks_obj = tweaks_obj || {}; // Make sure that tweaks_obj is an object
|
| |
- let working = Object.assign({}, wrapping_groups.empty_level, levels[level_id], tweaks_obj);
|
| |
- Object.keys(working).forEach(function(key) {
|
| |
- if (!wrapping_groups.group_names.includes(key)) {
|
| |
- delete working[key];
|
| |
- }
|
| |
- });
|
| |
- return working;
|
| |
- }
|
| |