Closed Dmaker13 closed 9 months ago
there is no RFP for webgl except for
VENDOR
, RENDERER
, UNMASKED_VENDOR_WEBGL
+ UNMASKED_RENDERER_WEBGL
RFP does not protect against fingerprinting via readPixels(), which is why as a default, we disable webgl altogether
/* 4520: disable WebGL (Web Graphics Library)
* [SETUP-WEB] If you need it then override it. RFP still randomizes canvas for naive scripts ***/
user_pref("webgl.disabled", true);
excluding the entropy from parameters, their values, and other info such as vendor etc - all of which is not insignificant - the actual rending itself is like canvas - i.e you can draw shapes, add colors, blend, stroke, add text, transform, use math .. and so on - i.e exploit the GPU - to get entropy
IDK what it is the browserleaks test is doing and what makes you think forbid-hardware makes your webgl FP safe
FWIW - default arkenfox and my browserleaks webgl FP is .. "it's all disabled"
I reinstalled firefox instead of just refreshing , and it worked! Sorry, next time ill try more troubleshooting before commenting. I was experimenting, setting up my vpn's proxies through the browser and must of did something. Or must of changed some default GPU setting. Thanks for being the developer that you are! I really like this configuration
My WebGL image is being read on browserleaks until I turn "webgl.forbid-hardware" to "true". Then the fingerprinting resistance works. I didn't see anybody else talk about this, so I thought to post. Is it a bad idea to set "webgl.forbid-hardware" to "true" for any reason? I am a newbie, so its prob me.
Oh yea, I noticed the webgl.diabled setting is off and locked. When I try to reverse it in my user overrides, it doesn't work.