Skip to content

Commit

Permalink
Add Spoof Timezone, UTM Tracking Removing, Useragent Spoof everywhere…
Browse files Browse the repository at this point in the history 
… options, consolidate fingerprinting code

Address #52 and #53, bumped version no. and added beta label for beta
testing.
  • Loading branch information
@andryou
andryou committed Jun 22, 2016
1 parent 5a45d65 commit 0fe81fb
Show file tree
Hide file tree
Showing 7 changed files with 366 additions and 525 deletions.
47 changes: 46 additions & 1 deletion html/options.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,49 @@
<tr><td class="rowtitle"><label for="webrtcdevice">Block Device Enumeration</label>:</td><td><input type="checkbox" id="webrtcdevice" class="save" /> <i>(Default: disabled; prevent having hardware devices detected via the WebRTC API)</i></td></tr>
<tr><td class="rowtitle"><label for="gamepad">Block Gamepad Enumeration</label>:</td><td><input type="checkbox" id="gamepad" class="save" /> <i>(Default: disabled; prevent having devices detected via the Gamepad API)</i></td></tr>
<tr><td class="rowtitle"><label for="canvasfont">Block Canvas Font Access</label>:</td><td><input type="checkbox" id="canvasfont" class="save" /> <i>(Default: disabled; prevent system fonts from being enumerated through &lt;canvas&gt; elements)</i></td></tr>
<tr><td class="rowtitle"><label for="timezone">Spoof Timezone</label>:</td><td><select id="timezone" class="savechange">
<option value="false">Disabled</option>
<option value="random">Random</option>
<option value="720">UTC-12:00</option>
<option value="660">UTC-11:00</option>
<option value="600">UTC-10:00</option>
<option value="570">UTC-09:30</option>
<option value="540">UTC-09:00</option>
<option value="480">UTC-08:00</option>
<option value="420">UTC-07:00</option>
<option value="360">UTC-06:00</option>
<option value="300">UTC-05:00</option>
<option value="240">UTC-04:00</option>
<option value="210">UTC-03:30</option>
<option value="180">UTC-03:00</option>
<option value="120">UTC-02:00</option>
<option value="60">UTC-01:00</option>
<option value="0">UTC±00:00</option>
<option value="-60">UTC+01:00</option>
<option value="-120">UTC+02:00</option>
<option value="-180">UTC+03:00</option>
<option value="-210">UTC+03:30</option>
<option value="-240">UTC+04:00</option>
<option value="-270">UTC+04:30</option>
<option value="-300">UTC+05:00</option>
<option value="-330">UTC+05:30</option>
<option value="-345">UTC+05:45</option>
<option value="-360">UTC+06:00</option>
<option value="-390">UTC+06:30</option>
<option value="-420">UTC+07:00</option>
<option value="-480">UTC+08:00</option>
<option value="-510">UTC+08:30</option>
<option value="-525">UTC+08:45</option>
<option value="-540">UTC+09:00</option>
<option value="-570">UTC+09:30</option>
<option value="-600">UTC+10:00</option>
<option value="-630">UTC+10:30</option>
<option value="-660">UTC+11:00</option>
<option value="-720">UTC+12:00</option>
<option value="-765">UTC+12:45</option>
<option value="-780">UTC+13:00</option>
<option value="-840">UTC+14:00</option>
</select> <i>(Default: disabled; spoof or randomize your timezone)</i></td></tr>
<tr><td class="rowtitle"><label for="keyboard">Reduce Keyboard Fingerprinting (<strong>for advanced users</strong>)</label>:</td><td><input type="checkbox" id="keyboard" class="save" /> <i>(Default: disabled; make keypress timings more random to increase anonymity (<strong>NOTE: adds a random delay between keypresses; disable this setting if unacceptable</strong>))</i></td></tr>
<tr><td colspan="2" class="section">Privacy Settings</td></tr>
<tr><td class="rowtitle"><label for="paranoia">Paranoia Mode</label>:</td><td><input type="checkbox" id="paranoia" class="save" /> <i>(Default: disabled; block allowed domains on unlisted domains)</i></td></tr>
Expand All @@ -79,6 +122,7 @@
<option value="disable_non_proxied_udp">Protect Local and Public IPs</option>
</select> <i>(Default: Protect Local IP; prevent IP address leakage)</i></td></tr>
<tr><td class="rowtitle"><label for="webbugs">Remove Webbugs</label>:</td><td><input type="checkbox" id="webbugs" class="save" /> <i>(Default: enabled; remove "invisible" third-party elements)</i></td></tr>
<tr><td class="rowtitle"><label for="utm">Remove Google Analytics (UTM) Tracking</label>:</td><td><input type="checkbox" id="utm" class="save" /> <i>(Default: disabled; remove Google Analytics (UTM) tracking tokens)</i></td></tr>
<tr><td class="rowtitle"><label for="referrer">Block Click-Through Referrer</label>:</td><td><select id="referrer" class="savechange">
<option value="false">Disabled</option>
<option value="true">Only on Unwhitelisted Domains</option>
Expand Down Expand Up @@ -121,7 +165,8 @@
<option value="macsnow">OSX Snow Leopard</option>
<option value="chromeos">Chrome OS</option>
<option value="off">-Off-</option>
</select><br /><i>(Default: -Off-; spoofs your user-agent (browser and OS))</i></td></tr>
</select><br /><i>(Default: -Off-; spoofs your user-agent (browser and OS))</i>
<div id="applytoallow"><br /><input type="checkbox" id="uaspoofallow" class="save" /><label for="uaspoofallow"> Apply to whitelisted domains as well (default: disabled)</label></div></td></tr>
<tr><td class="rowtitle"><label for="referrerspoof">Referrer Spoof</label>:</td><td><select id="referrerspoof" class="savechange">
<option value="off">-Off-</option>
<option value="same">Same Document</option>
Expand Down
14 changes: 8 additions & 6 deletions html/updated.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,16 +9,16 @@
<div id="message"></div>
<div id="main">
<div id="header"><span id="title">ScriptSafe</span><br /><br />
<h1>Updated to v<span id="versionno"></span>! (Tuesday, June 21, 2016)</h1>
<h1>Updated to v<span id="versionno"></span>! (Wednesday, June 22, 2016)</h1>
<br />
<hr>
<div style="text-align: left; line-height: 18px; font-size: 13px;"><br />
I spent the entire weekend focusing on bringing <strong>Fingerprinting Protection</strong> to ScriptSafe. The Options page now has a new Fingerprinting Protection section with not one, not two, not three, but <strong>eight brand-new options</strong>!<br /><br />
I spent the entire weekend focusing on bringing <strong>Fingerprinting Protection</strong> to ScriptSafe. The Options page now has a new Fingerprinting Protection section with not one, not two, not three, but <strong>nine brand-new options</strong>!<br /><br />
Still on my list: 1) translate ScriptSafe into multiple languages; and 2) improve design and appearance.<br /><br />
In this release you will find the following updates:
<ul>
<li><b>v1.0.7.15:</b><ul>
<li>Added a new <strong>Fingerprinting Protection</strong> section with 8 new options <i>(disabled by default)</i>:<ul>
<li><b>v1.0.7.16-BETA:</b><ul>
<li>Added a new <strong>Fingerprinting Protection</strong> section with 9 new options <i>(disabled by default)</i>:<ul>
<li><b>Canvas Fingerprint Protection</b> - protect against fingerprinting attempts through &lt;canvas&gt; elements, with the following options:<ul>
<li>Disabled</li>
<li>Blank Readout (serve an empty canvas with the original dimensions)</li>
Expand All @@ -30,11 +30,13 @@ <h1>Updated to v<span id="versionno"></span>! (Tuesday, June 21, 2016)</h1>
<li><b>Block Battery Fingerprinting</b> - prevent fingerprinting via the Battery API</li>
<li><b>Block Device Enumeration</b> - prevent having hardware devices detected via the WebRTC API</li>
<li><b>Block Gamepad Enumeration</b> - prevent having hardware devices detected via the Gamepad API</li>
<li><b>Block Canvas Font Access</b> - prevent system fonts from being enumerated through &lt;canvas&gt; elements</li>
<li><b>Spoof Timezone</b> - spoof or randomize your timezone; useful if you use VPN</li>
<li><b>Reduce Keyboard Fingerprinting (for advanced users)</b> - make keypress timings more random to increase anonymity (note: adds a random delay between keypresses))</li>
<li><b>I recommend enabling all of the above options (except the last) for increased privacy</b>, and based on your needs disable the options that interfere with your usage.</li>
</ul></li>
<li>Added new option: <strong>"Prevent Clipboard Interference"</strong> (under "Behavior Settings") - prevent pages from interfering with clipboard actions <i>(disabled by default)</i></li>
<li>Added <strong>Prevent Clipboard Interference</strong> (under <strong>Behavior Settings</strong>) - prevent pages from interfering with clipboard actions <i>(disabled by default)</i></li>
<li>Added <b>Remove Google Analytics (UTM) Tracking</b> option (under <strong>Privacy Settings</strong>) - remove Google Analytics (UTM) tracking tokens before they're actually passed to the server <i>(disabled by default)</i></li>
<li>Added option to apply user-agent spoofing on whitelisted domains as well (default behaviour is to disable spoofing on whitelisted domains to avoid issues, but enabling this option will spoof the user-agent regardless)</li>
<li>Updated unwanted content providers list</li>
<li>Created a beta testing signup form. If you sign up to become a beta tester, you will be emailed when there is a new version ready to be tested before being pushed to the Chrome Web Store. <a href="https://docs.google.com/forms/d/1MXUSlQHP_XbXbbKYrxaW_8eIY4Y3SyiyUg1yhoBUoQM/viewform" target="_blank">Sign up to be a beta tester!</a></li>
<li>I now have a Bitcoin address due to inquiries from people wary of PayPal but wanted to still donate!<ul>
Expand Down
12 changes: 9 additions & 3 deletions js/options.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -133,8 +133,10 @@ function loadOptions() {
loadCheckbox("battery");
loadCheckbox("webrtcdevice");
loadCheckbox("gamepad");
loadElement("timezone");
loadCheckbox("keyboard");
loadCheckbox("webbugs");
loadCheckbox("utm");
loadElement("webrtc");
if (!bkg.getWebRTC()) $("#webrtccell").html('<strong style="color: red;">This browser does not support WebRTC protection</strong>');
loadElement("preservesamedomain");
Expand All @@ -147,8 +149,9 @@ function loadOptions() {
loadElement("linktarget");
loadCheckbox("cookies");
loadElement("useragentspoof");
if ($("#useragentspoof").val() == 'off') $("#useragentspoof_os").hide();
if ($("#useragentspoof").val() == 'off') $("#useragentspoof_os, #applytoallow").hide();
loadElement("useragentspoof_os");
loadCheckbox("uaspoofallow");
if (localStorage['referrerspoof'] != 'same' && localStorage['referrerspoof'] != 'domain' && localStorage['referrerspoof'] != 'off') {
$("#referrerspoof").val('custom');
$("#customreferrer").show();
Expand Down Expand Up @@ -187,8 +190,10 @@ function saveOptions() {
saveCheckbox("battery");
saveCheckbox("webrtcdevice");
saveCheckbox("gamepad");
saveElement("timezone");
saveCheckbox("keyboard");
saveCheckbox("webbugs");
saveCheckbox("utm");
saveElement("webrtc");
saveElement("preservesamedomain");
saveCheckbox("paranoia");
Expand All @@ -199,6 +204,7 @@ function saveOptions() {
saveCheckbox("cookies");
saveElement("useragentspoof");
saveElement("useragentspoof_os");
saveCheckbox("uaspoofallow");
if ($("#referrerspoof").val() != 'custom') {
saveElement("referrerspoof");
$("#customreferrer").hide();
Expand All @@ -213,8 +219,8 @@ function saveOptions() {
saveCheckbox("domainsort");
if (localStorage['annoyances'] == 'true') $("#annoyancesmoderow").show();
else $("#annoyancesmoderow").hide();
if (localStorage['useragentspoof'] != 'off') $("#useragentspoof_os").show();
else $("#useragentspoof_os").hide();
if (localStorage['useragentspoof'] != 'off') $("#useragentspoof_os, #applytoallow").show();
else $("#useragentspoof_os, #applytoallow").hide();
updateExport();
bkg.refreshRequestTypes();
bkg.initWebRTC();
Expand Down
8 changes: 5 additions & 3 deletions js/popup.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -111,6 +111,7 @@ function init() {
else if (response.blockeditems[i][1] == 'Battery Fingerprint') itemdomain = 'battery.fingerprint';
else if (response.blockeditems[i][1] == 'Device Enumeration') itemdomain = 'device.enumeration';
else if (response.blockeditems[i][1] == 'Gamepad Enumeration') itemdomain = 'gamepad.enumeration';
else if (response.blockeditems[i][1] == 'Spoofed Timezone') itemdomain = 'spoofed.timezone';
if (itemdomain) {
var baddiesstatus = response.blockeditems[i][5];
var parentstatus = response.blockeditems[i][4];
Expand All @@ -132,12 +133,12 @@ function init() {
} else allowedtype = 1;
var outputdomain = itemdomain;
if (response.blockeditems[i][1] == 'NOSCRIPT' || response.blockeditems[i][1] == 'WEBBUG') outputdomain = '&lt;'+response.blockeditems[i][1]+'&gt;';
else if (response.blockeditems[i][1] == 'Canvas Fingerprint' || response.blockeditems[i][1] == 'Canvas Font Access' || response.blockeditems[i][1] == 'Audio Fingerprint' || response.blockeditems[i][1] == 'WebGL Fingerprint' || response.blockeditems[i][1] == 'Battery Fingerprint' || response.blockeditems[i][1] == 'Device Enumeration' || response.blockeditems[i][1] == 'Gamepad Enumeration') outputdomain = response.blockeditems[i][1];
else if (response.blockeditems[i][1] == 'Canvas Fingerprint' || response.blockeditems[i][1] == 'Canvas Font Access' || response.blockeditems[i][1] == 'Audio Fingerprint' || response.blockeditems[i][1] == 'WebGL Fingerprint' || response.blockeditems[i][1] == 'Battery Fingerprint' || response.blockeditems[i][1] == 'Device Enumeration' || response.blockeditems[i][1] == 'Gamepad Enumeration' || response.blockeditems[i][1] == 'Spoofed Timezone') outputdomain = response.blockeditems[i][1];
$("#blocked").append('<div class="thirditem" title="['+response.blockeditems[i][1]+'] '+$.trim(response.blockeditems[i][0].replace(/"/g, "'").replace(/\&lt;/g, "<").replace(/\&gt;/g, ">").replace(/\&amp;/g, "&"))+'" rel="x_'+itemdomainfriendly+'" data-domain="'+bkg.getDomain(itemdomain)+'" data-baddie="'+baddiesstatus+'"><span><span>'+outputdomain+'</span> (<span rel="count_'+itemdomainfriendly+'">1</span>)</span><br /><span rel="r_'+itemdomainfriendly+'"></span><span class="choices" rel="'+itemdomain+'" sn_list="'+allowedtype+'"><span class="box box4 x_'+itemdomainfriendly+'" title="Clear Domain from List">Clear</span><span class="box box1 x_whitelist" rel="0" title="Allow Domain">Allow</span><span class="box box1 x_trust'+trustval0+'" rel="3" title="Trust Entire Domain">Trust</span><span class="box box2 x_blacklist selected" rel="1" title="Deny">Deny</span><span class="box box2 x_trust'+trustval1+'" rel="4" title="Distrust Entire Domain">Distrust</span><span class="box box3 x_bypass" rel="2" title="Temp.">Temp.</span></span></div>');
} else {
if (response.blockeditems[i][1] == 'NOSCRIPT' || response.blockeditems[i][1] == 'WEBBUG') {
$("#blocked").append('<div class="thirditem" title="['+response.blockeditems[i][1]+'] '+$.trim(response.blockeditems[i][0].replace(/"/g, "'").replace(/\&lt;/g, "<").replace(/\&gt;/g, ">").replace(/\&amp;/g, "&"))+'" rel="x_'+itemdomainfriendly+'" data-domain="'+bkg.getDomain(itemdomain)+'" data-baddie="'+baddiesstatus+'"><span><span>&lt;'+response.blockeditems[i][1]+'&gt;</span> (<span rel="count_'+itemdomainfriendly+'">1</span>)</span></div>');
} else if (response.blockeditems[i][1] == 'Canvas Fingerprint' || response.blockeditems[i][1] == 'Canvas Font Access' || response.blockeditems[i][1] == 'Audio Fingerprint' || response.blockeditems[i][1] == 'WebGL Fingerprint' || response.blockeditems[i][1] == 'Battery Fingerprint' || response.blockeditems[i][1] == 'Device Enumeration' || response.blockeditems[i][1] == 'Gamepad Enumeration') {
} else if (response.blockeditems[i][1] == 'Canvas Fingerprint' || response.blockeditems[i][1] == 'Canvas Font Access' || response.blockeditems[i][1] == 'Audio Fingerprint' || response.blockeditems[i][1] == 'WebGL Fingerprint' || response.blockeditems[i][1] == 'Battery Fingerprint' || response.blockeditems[i][1] == 'Device Enumeration' || response.blockeditems[i][1] == 'Gamepad Enumeration' || response.blockeditems[i][1] == 'Spoofed Timezone') {
$("#blocked").append('<div class="thirditem" title="['+response.blockeditems[i][1]+'] '+$.trim(response.blockeditems[i][0].replace(/"/g, "'").replace(/\&lt;/g, "<").replace(/\&gt;/g, ">").replace(/\&amp;/g, "&"))+'" rel="x_'+itemdomainfriendly+'" data-domain="'+bkg.getDomain(itemdomain)+'" data-baddie="'+baddiesstatus+'"><span><span>'+response.blockeditems[i][1]+'</span> (<span rel="count_'+itemdomainfriendly+'">1</span>)</span></div>');
} else {
$("#blocked").append('<div class="thirditem" title="['+response.blockeditems[i][1]+'] '+$.trim(response.blockeditems[i][0].replace(/"/g, "'").replace(/\&lt;/g, "<").replace(/\&gt;/g, ">").replace(/\&amp;/g, "&"))+'" rel="x_'+itemdomainfriendly+'" data-domain="'+bkg.getDomain(itemdomain)+'" data-baddie="'+baddiesstatus+'"><span><span>'+itemdomain+'</span> (<span rel="count_'+itemdomainfriendly+'">1</span>)</span><br /><span rel="r_'+itemdomainfriendly+'"></span><span class="choices" rel="'+itemdomain+'" sn_list="-1"><span class="box box4 x_'+itemdomainfriendly+'" title="Clear Domain from List">Clear</span><span class="box box1 x_whitelist" rel="0" title="Allow Domain">Allow</span><span class="box box1 x_trust" rel="3" title="Trust Entire Domain">Trust</span><span class="box box2 x_blacklist" rel="1" title="Deny">Deny</span><span class="box box2 x_trust" rel="4" title="Distrust Entire Domain">Distrust</span><span class="box box3 x_bypass" rel="2" title="Temp.">Temp.</span></span></div>');
Expand Down Expand Up @@ -192,6 +193,7 @@ function init() {
$("#blocked").append($("#blocked [rel='x_webgl_fingerprint']"));
$("#blocked").append($("#blocked [rel='x_device_enumeration']"));
$("#blocked").append($("#blocked [rel='x_gamepad_enumeration']"));
$("#blocked").append($("#blocked [rel='x_spoofed_timezone']"));
$("#blocked").prepend($("#blocked [data-domain='"+tabdomainroot+"'][data-baddie='false']"));
$("#blocked [rel='x_"+tabdomainfriendly+"']").children().first().css("font-weight", "bold");
$("#blocked").prepend($("#blocked [rel='x_"+tabdomainfriendly+"']"));
Expand Down Expand Up @@ -263,7 +265,7 @@ function init() {
if (responseAllowedCount == 0) tempSel = '.thirds';
else tempSel = '#allowed';
if (mode == 'block') {
if ($('#blocked .thirditem').length == 1 && ($('#blocked .thirditem[rel="x_no_script"]').length == 1 || $('#blocked .thirditem[rel="x_web_bug"]').length == 1 || $('#blocked .thirditem[rel="x_canvas_fingerprint"]').length == 1 || $('#blocked .thirditem[rel="x_canvas_font_access"]').length == 1 || $('#blocked .thirditem[rel="x_audio_fingerprint"]').length == 1 || $('#blocked .thirditem[rel="x_webgl_fingerprint"]').length == 1 || $('#blocked .thirditem[rel="x_battery_fingerprint"]').length == 1 || $('#blocked .thirditem[rel="x_device_enumeration"]').length == 1 || $('#blocked .thirditem[rel="x_gamepad_enumeration"]').length == 1)) {
if ($('#blocked .thirditem').length == 1 && ($('#blocked .thirditem[rel="x_no_script"]').length == 1 || $('#blocked .thirditem[rel="x_web_bug"]').length == 1 || $('#blocked .thirditem[rel="x_canvas_fingerprint"]').length == 1 || $('#blocked .thirditem[rel="x_canvas_font_access"]').length == 1 || $('#blocked .thirditem[rel="x_audio_fingerprint"]').length == 1 || $('#blocked .thirditem[rel="x_webgl_fingerprint"]').length == 1 || $('#blocked .thirditem[rel="x_battery_fingerprint"]').length == 1 || $('#blocked .thirditem[rel="x_device_enumeration"]').length == 1 || $('#blocked .thirditem[rel="x_gamepad_enumeration"]').length == 1) || $('#blocked .thirditem[rel="x_timezone_offset"]').length == 1) {
// empty space
} else {
if ($("#blocked .x_whitelist:visible").length != 0) {
Expand Down
Loading

0 comments on commit 0fe81fb

Please sign in to comment.