NSFW thumbnails not loading [solved: RFP - use a secondary browser/profile]

[Chippel]

This might be a stupid question but I can't figure out how to fix that. On a popular NSFW site which is called P***ub I got problems with the thumbnails. It seems like the site is loading like 20 thumbnails of videos but as I scroll further down they will dissapear and be replaced with black boxes. Do you guys know what setting I need to change in order to get all the thumbnails?

I tried a clean install and I've figured out that resist browser fingerprint is the issue when enabling just that on a clean install. But I got the same issue with the ghacks profile even if I disable fingerprint.

[crssi]

Tried out now and it was the 1st guess: privacy.resistFingerprinting

This is not the pref I would set to false.

[Chippel]

Why that? What else could I do in order to fix that problem?

I did disable it when using the user.js over about:config and I did a restart but it didn't work. Did I forgot something?

[crssi]

Set it to false... do not restart. Try out. When you restart, it will be set back to true by user.js directive.

[crssi]

Just checked AMO... look what I have found: Resist Fingerprinting

OT: I was sure that WE cannot mess with the prefs. I guess I was wrong.

[KOLANICH]

WE can mess only with the ones they are explicitly allowed to mess via API and permissions.

[Chippel]

Thanks for the help. Let's assume I want to keep resist fingerprint activated. Anything I can do except turning it off to fix the problem?

[crssi]

No problem. For sure you want this pref to be true. This pref is very powerful and I doubt that you can achieve same level of resisting fingerprinting without it. So only workarounds I could make of is to use the WebExtension from upper post to temporary disable it when needed, which would be a rare occasion (actually I haven't have any problems with it and your example was first breakage, at least known to me). The second option is to have another browser just for that purpose and nothing else.

Note: you must also know, that disabling this pref is global and does not affect just current tab that you are browsing, but all open tabs.

Cheers

[Chippel]

Thanks. I'm thinking about using another Browser for that purpose. So another thing I don't like is the tiny window when opening the Browser. Is it possible to maximze it or do I lose fingerprint protection since I changed the window size?

[crssi]

Here https://github.com/ghacksuserjs/ghacks-user.js/issues/632#issuecomment-460891261 is a way and also the reason why not to do it. @Thorin-Oakenpants is right (as usual :smile:), but on the end you can decide for yourself. :wink:

Cheers

[crssi]

You should also read section 4500: https://github.com/ghacksuserjs/ghacks-user.js/blob/de0ebbed2120787ada6f5455639741c4f3ae1466/user.js#L1562 and the section 4600: https://github.com/ghacksuserjs/ghacks-user.js/blob/de0ebbed2120787ada6f5455639741c4f3ae1466/user.js#L1642

Cheers

[Chippel]

Thanks. I've decided to deactivate it because the window is too small and it destroy some sites I visit regularly.

Is it correct to reenable section 4600 if not using RFP? How do I do it? I've ran the script but it seems like all the values are still the same. Did I forgot something?

[KOLANICH]

@Chippel, before deactivating RFP you may want to do some investigation on the causes of the problems. Do you see any strange icons like this one in your urlbar? If you do, you may want to open debugger and search by the keywords like getImageData and toDataURL and getContext("webgl") (try both single and double quotes).

[crssi]

@KOLANICH the icon link does not open. @Chippel I am sorry, but I don't feel competent to answer that, since I am using RFP and haven't investigate further. If not anyone, then @Thorin-Oakenpants or @earthlng would for sure be the best to answer you.

[Chippel]

How in the world got your guys used to that small window? That's a huge difference IMHO

[KOLANICH]

@crssi, I have replaced the link with the direct one, should work (still cannot embed though). It looks like a striked image.

[crssi]

If you do, you may want to open debugger and search by the keywords like getImageData and toDataURL and getContext("webgl") (try both single and double quotes).

What to do with that?

[Thorin-Oakenpants]

WE can mess only with the ones they are explicitly allowed to mess via API and permissions.

To elaborate on that: a few prefs are accessible for extensions to change thru the Privacy API - here are some of them: assuming the documentation is up to date

https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/privacy/websites cookieConfig firstPartyIsolate hyperlinkAuditingEnabled protectedContentEnabled referrersEnabled resistFingerprinting thirdPartyCookiesAllowed trackingProtectionMode

https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/privacy/network networkPredictionEnabled peerConnectionEnabled webRTCIPHandlingPolicy

https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/WebExtensions/API/privacy/services passwordSavingEnabled

[Thorin-Oakenpants]

DONT USE AN Extension to toggle RFP on/off At least 3 problems:

• at least one of the RFP measure requires a restart and there may be others - Time Zone spoofing

  • start FF with RFP, your time zone is UTC, then change privacy.ResistFingerprinting to false - your timezone is still UTC
  • however, I just did a test. If RFP is not set on startup, then it seems to work
  • 1491343
  • NOTE: I am not using multiple FF profiles at the same time in my tests - so my test is not the same as the bugzilla. I'm just pointing out that the environment variable is set on start, and RFP has trouble unsetting the spoofed value

• you will FUCK UP at some stage

  • ooh, porn time ... disable RFP .. watch porn ... enable RFP .. go back to doing some work (assuming your work is not porn)
  • ooh, porn time ... disable RFP .. watch porn .. forget to enable RFP
  • ooh, porn time ... disable RFP .. watch porn ... pause porn, check your gmail or something

• JS can run when it wants, it doesn't just have to be when you load a website. So if you have multiple sites open, and then you toggle RFP off, you run the risk that JS can then grab info

---

I had a play around at pornhub, as I thought it might be the canvas component of RFP, but it has nothing to do with that (canvas has a per site permission if you need to override it). Not sure entirely what the cause is.

---

Not using RFP because of one site and due to the size on opening (which has solutions) is a bit silly IMO.

Pornhub solution: use a secondary browser (or profile). You can use a portable Firefox, just for Pornhub. Call it Pornfox :) .. change the theme so it's easier to differentiate. ONLY use it for pornhub. Note: in out wiki we have all the instructions and pretty pictures for you to run multiple Firefoxes concurrently if you want.

THATS the godamn solution, rather than compromising all the good that RFP does because of one site.

The solution to the size on open has already been linked to. Set a larger size: use the prefs in 4502 - at the very worst you'll be high entropy if not unique (which you would be without it), but at least the other RFP items still apply

eg

// my overrides
user_pref("privacy.window.maxInnerWidth", 1600);
user_pref("privacy.window.maxInnerHeight", 900);