Add whitelist controls

[Grabsteinschubser]

It would be nice to have a whitelist function. E.g. intranet sites are broken with chameleon activated (because of "Window.innerHeight")

Maybe it can look like this

[ghostwords]

Hi Grabsteinschubser, thanks for the suggestion!

I think Chameleon's functionality needs to evolve a bit more before we start updating the UI/providing more controls. Please see issues #1 and #2 for more context.

[Grabsteinschubser]

Yes, of course ;) Just an idea for the future.

[0xBRM]

I was actually going to create a new thread to discuss this. It's fairly easy to implement and should work the µBlock way, in my opinion:

-Click (disable): disable/enable µBlock for this site. -Ctrl+Click: disable/enable µBlock for this page only.

Little did I know the issue had already been submitted over 5 months ago.

[ghostwords]

I changed the global toggle to a sticky toggle for the current page's host name. Let me know what you guys think.

[0xBRM]

@ghostwords That's very convenient, works globally whilst maintaining full anti fingerprinting functionality. Do you think it'd be possible to implement a similar domain wide toggle but specifically for a page element (say a flash object, since it's related to the most prominent issue)? Or better yet, a text based whitelist with syntax similar to µMatrix's.

[ghostwords]

Yes, but please take a look at issue #1. Trying to blend in with Tor Browser works for simple fingerprinters, but might not be good enough for the real world.

[0xBRM]

Oh, I forgot, to mail you something. I recently emailed gorhill about this but totally forgot about you even though I mentioned your extension to the EFF:

Hello,

I have recently contacted the EFF and asked them to disclose the top 10 UA strings and HTTP_ACCEPT headers. I was told the following:

Hi Cris, Thanks for contacting the EFF! I will talk to our staff about whether or not we can make this happen. thanks, Amul Kalia Electronic Frontier Foundation (415) 436-9333 info@eff.org Become a Member! https://www.eff.org/support​

So we might get them soon and then you won't have to work in blind mode.

Cheers, Cris​

So this might actually work in your favour as well, since I think we can all agree that blending in whilst randomising your browser is the superior approach. Regarding intercepting fingerprinting scripts, I'm afraid it will be very hard to do this effectively (meaning, working OOTB for the common user) without breaking a lot of website functionality. What I do right now is use µMatrix in a Block all/Allow exceptionally (1st party images and css is allowed for convenience) configuration and it seems to work very well, whilst obviously requiring some micromanagement. Which is why I think Chameleon could benefit from its syntax

[ghostwords]

Unfortunately, whitelisting has been disabled in the master branch pending https://crbug.com/377978. Note that master is currently undergoing major changes: Tor masquerading has already been removed, too.