Skip to content
This repository has been archived by the owner on Feb 25, 2020. It is now read-only.

Add whitelist controls #6

Open
Grabsteinschubser opened this issue Jul 23, 2014 · 8 comments
Open

Add whitelist controls #6

Grabsteinschubser opened this issue Jul 23, 2014 · 8 comments
Assignees

Comments

@Grabsteinschubser
Copy link

It would be nice to have a whitelist function. E.g. intranet sites are broken with chameleon activated (because of "Window.innerHeight")

Maybe it can look like this
chameleon_whitelist

@ghostwords
Copy link
Owner

Hi Grabsteinschubser, thanks for the suggestion!

I think Chameleon's functionality needs to evolve a bit more before we start updating the UI/providing more controls. Please see issues #1 and #2 for more context.

@ghostwords ghostwords changed the title Whitelist Add whitelist controls Jul 23, 2014
@Grabsteinschubser
Copy link
Author

Yes, of course ;) Just an idea for the future.

@0xBRM
Copy link

0xBRM commented Dec 5, 2014

I was actually going to create a new thread to discuss this. It's fairly easy to implement and should work the µBlock way, in my opinion:

-Click (disable): disable/enable µBlock for this site.
-Ctrl+Click: disable/enable µBlock for this page only.

Little did I know the issue had already been submitted over 5 months ago.

@ghostwords
Copy link
Owner

I changed the global toggle to a sticky toggle for the current page's host name. Let me know what you guys think.

@0xBRM
Copy link

0xBRM commented Dec 8, 2014

@ghostwords That's very convenient, works globally whilst maintaining full anti fingerprinting functionality. Do you think it'd be possible to implement a similar domain wide toggle but specifically for a page element (say a flash object, since it's related to the most prominent issue)? Or better yet, a text based whitelist with syntax similar to µMatrix's.

@ghostwords
Copy link
Owner

Yes, but please take a look at issue #1. Trying to blend in with Tor Browser works for simple fingerprinters, but might not be good enough for the real world.

@0xBRM
Copy link

0xBRM commented Dec 9, 2014

Oh, I forgot, to mail you something. I recently emailed gorhill about this but totally forgot about you even though I mentioned your extension to the EFF:

Hello,

I have recently contacted the EFF and asked them to disclose the top 10 UA strings and HTTP_ACCEPT headers. I was told the following:

Hi Cris,
Thanks for contacting the EFF!
I will talk to our staff about whether or not we can make this happen.
thanks,
Amul Kalia
Electronic Frontier Foundation
(415) 436-9333
info@eff.org
Become a Member! https://www.eff.org/support​

So we might get them soon and then you won't have to work in blind mode.

Cheers,
Cris​

So this might actually work in your favour as well, since I think we can all agree that blending in whilst randomising your browser is the superior approach.
Regarding intercepting fingerprinting scripts, I'm afraid it will be very hard to do this effectively (meaning, working OOTB for the common user) without breaking a lot of website functionality. What I do right now is use µMatrix in a Block all/Allow exceptionally (1st party images and css is allowed for convenience) configuration and it seems to work very well, whilst obviously requiring some micromanagement. Which is why I think Chameleon could benefit from its syntax

ghostwords added a commit that referenced this issue Apr 21, 2015
To eliminate cache-related race condition.

Unfortunately, this breaks page whitelisting (#6).
ghostwords added a commit that referenced this issue Apr 21, 2015
Fix for #5 broke site whitelisting. Whitelisting is waiting on
https://crbug.com/377978.
@ghostwords
Copy link
Owner

Unfortunately, whitelisting has been disabled in the master branch pending https://crbug.com/377978. Note that master is currently undergoing major changes: Tor masquerading has already been removed, too.

@ghostwords ghostwords reopened this Apr 21, 2015
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

No branches or pull requests

3 participants