I do have RFP enabled, but also webgl enabled. In the doc, it’s recommended to at least use canvasblocker, if having webgl enabled. But I’m wondering if RFP should make canvasblocker unnecessary at all.

Thanks !

  • kixikOP
    link
    fedilink
    arrow-up
    1
    ·
    2 years ago

    @fishonthenet@lemmy.ml I just noticed on “preferences -> general”:

    CanvasBlocker requires Container Tabs

    And then an option selected and grayed out (I can’t deselect it):

    Enable Container Tabs

    Which also comes with a Learn more URL from the Librewolf FAQ, stating:

    Why isn’t First Party Isolate enabled by default?

    FPI is not enabled by default as we use dFPI, and the two do not work well together. dFPI is a newer implementation and it causes less breakage, plus it is included by default when using Tracking Protection in strict mode.

    Please also notice that dFPI makes containers and containers extensions redudant, unless you want to protect your privacy when visiting the same website multiple times, during the same browsing sessions.

    I use RFP, but I have webgl enabled. Does it still make sense to use CanvasBlocker extension, disabling all APIs except by the webgl one? From the FAQ, I don’t read it’ll break anything, since I believe containers don’t enable FPI by default, so I believe there’s no conflict with dFPI, but 1st, I’m not sure, and 2nd the container comment of being redundant makes me wonder.

    Can you pls comment on it, so perhaps I understand better if what I have is OK or I should change something? Thx !

  • fishonthenetM
    link
    fedilink
    arrow-up
    1
    ·
    2 years ago

    sorry for being super late.

    I think you have many options, you could :

    • enable webgl, keep RFP and install canvas blocker and activate exclusively webgl protections.
    • enable webgl, keep RFP and be happy with it: you would likely still defeat a good amount of naive scripts.
    • enable webgl, disable RFP and install canvas blocker and activate canvas, audio and webgl protections, to keep a decent level of fingerprinting protection.
    • create a separate profile where RFP is disabled and webgl is enabled, and use it for cases where you want max usability and performance, but you are ok with being fingerprinted (eg. you login and pay with a credit card, so fingerprinting is not a concern as the website knows who you are).
    • kixikOP
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      2 years ago

      Thanks a lot, I’m all for 1st option, I guess that means setting “expert mode” in the “general” section, disabling all APIs in the APIs section, except for the canvas one, and enabling only the 3 webGL protected canvas API features:

      • readPixels
      • getParameter
      • getExtension

      I’m not sure if I should leave the canvas API set on “readout”.

      I have webGL enabled, and I have RFP enabled…

      @fishonthenet@lemmy.ml please let me know if that sounds fine, or if I should still enable something else. I wouldn’t like to have canvasblocker getting in the way of RFP, hehe…

      Thanks !

      • fishonthenetM
        link
        fedilink
        arrow-up
        2
        ·
        2 years ago

        yup leave canvas as is: if you have RFP enabled CanvasBlocker canvas protection only kicks in when you allow canvas access via the urlbar!