It’s worth noting this permission can be used for legit reasons sometimes, like for rendering some graphical elements. But most of the time it’s used for fingerprinting your browser. And it’s so widespread, you can see it everywhere from government websites to Linux distro websites. Crazy stuff.
A canvas is an element of the website that can be drawn to from javascript. The result of some drawing operations can have subtle differences between devices which can aid in fingerprinting your specific device. (e.g. because of different fonts, gpu’s and gpu drivers) To do so the tracking script has to read the current raw-pixel content of the canvas to evaluate it. Reading the raw image data is what this permission (should) block, so websites can still use canvas, but not fingerprint your device with it.
Legit applications for reading from the canvas could be games, simulations, and other computing stuff which your average website is unlikely to need to do.
Not sure. I usually block it by default and see if everything works alright. If some graphical glitches start to apper, then maybe it’s related to this.
I would direct you towards the same question on Tor StackExchange. I think the Tor Project documentation explains the problems with canvas fingerprinting quite nicely. Hope it helps understand the risks and the purpose of this permission.
LibreWolf is designed to increase protection against tracking and fingerprinting techniques, while also including a few security improvements.
LibreWolf also aims to remove all the telemetry, data collection and annoyances, as well as disabling anti-freedom features like DRM.
If you have any question please visit our FAQ first: https://librewolf.net/docs/faq/
It’s worth noting this permission can be used for legit reasons sometimes, like for rendering some graphical elements. But most of the time it’s used for fingerprinting your browser. And it’s so widespread, you can see it everywhere from government websites to Linux distro websites. Crazy stuff.
Thank you! Is there a way I can understand what is this permission for and/or if it’s for legit reasons?
A canvas is an element of the website that can be drawn to from javascript. The result of some drawing operations can have subtle differences between devices which can aid in fingerprinting your specific device. (e.g. because of different fonts, gpu’s and gpu drivers) To do so the tracking script has to read the current raw-pixel content of the canvas to evaluate it. Reading the raw image data is what this permission (should) block, so websites can still use canvas, but not fingerprint your device with it.
Legit applications for reading from the canvas could be games, simulations, and other computing stuff which your average website is unlikely to need to do.
Thank you for you explanation!
Not sure. I usually block it by default and see if everything works alright. If some graphical glitches start to apper, then maybe it’s related to this.
Basically, It can be used to dermine your display resolution.
I would direct you towards the same question on Tor StackExchange. I think the Tor Project documentation explains the problems with canvas fingerprinting quite nicely. Hope it helps understand the risks and the purpose of this permission.
Thank you! That was useful