search

brave / brave-browser

Brave browser for Android, iOS, Linux, macOS, Windows.
https://brave.com
Mozilla Public License 2.0
17.74k stars 2.32k forks source link

Canvas anti-fingerprinting *still* breaks sites #27881

Open jez9999 opened 1 year ago

jez9999 commented 1 year ago

Description

In Brave, the "Block fingerprinting" setting is set to "Standard" by default, implying that it won't break sites. However, as evidenced by this bug, it still breaks stuff, including the entire Konva.js framework. Anything that changes canvas pixel values at all will break stuff, and it should be turned off by default. The cure is far worse than the disease in this case.

Steps to Reproduce

  1. Visit a site using Konva.js with "Block fingerprinting: Standard".
  2. Witness that shape detection is broken because hitCanvas pixel values are changed in Brave.
corbt commented 1 year ago

I can confirm that most interactions in Konva are silently broken when using Brave with standard settings. It took me a couple of days of debugging to figure out why my site wasn't working.

rookiemonkey commented 5 months ago

same here, on the other hand, ImageData bytes are incremented by 1 randomly.