celenity/Phoenix
8
198
Fork
You've already forked Phoenix
18

[Discussion] Controls for Disabling Canvas Randomization #281

Open
opened 2026年04月28日 14:07:28 +02:00 by IkelAtomig · 7 comments

Please explain your inquiry.

Currently canvas data is blocked as per #48, so some sites where image is to be loaded just gives grayed out image.

In my understanding, Firefox has bolstered its efforts towards Canvas randomization similar to Brave.

I think it should be considered on disabling this or move this to extended config or give a control in Firefox settings to enable/disable this.

It's a huge bummer when trying to browse pages casually and majority of every website I visit ask for this canvas data & images are just garbled or randomize properly instead of outright blocking. Only problem is bringing it to Normal browsing mode too ?


P.S. I placed this under other/Discussion since most of the users heavily defend it despite the inconvenience during browsing for added privacy.

### Please explain your inquiry. Currently canvas data is blocked as per #48, so some sites where image is to be loaded just gives grayed out image. In my understanding, Firefox has [bolstered](https://blog.mozilla.org/en/firefox/fingerprinting-protections/) its [efforts](https://support.mozilla.org/en-US/kb/firefox-protection-against-fingerprinting#w_suspected-fingerprinters:~:text=work%20as%20intended.-,Suspected%20Fingerprinters,have%20subtle%20noise%20that%20may%20affect%20how%20the%20image%20is%20displayed.,-Locally%20installed%20fonts) towards Canvas randomization similar to Brave. I think it should be considered on disabling this or move this to extended config or give a control in Firefox settings to enable/disable this. It's a huge bummer when trying to browse pages casually and majority of every website I visit ask for this canvas data & images are just garbled or randomize properly instead of outright blocking. Only problem is bringing it to Normal browsing mode too ? --- P.S. I placed this under other/Discussion since most of the users heavily defend it despite the inconvenience during browsing for added privacy.

@IkelAtomig

Thank you for sharing your input here!

Currently canvas data is blocked as per #48

Assuming you linked the wrong issue here, though doesn't change your points/concerns regardless.

I think it should be considered on disabling this or move this to extended config or give a control in Firefox settings to enable/disable this.

It's a huge bummer when trying to browse pages casually and majority of every website I visit ask for this canvas data & images are just garbled or randomize properly instead of outright blocking. Only problem is bringing it to Normal browsing mode too ?

So, you should receive a prompt when websites attempt to extract canvas data - does allowing sites to access canvas data with the prompt not resolving these issues for you? If it isn't, I suspect there may be at play here than just blocking canvas data extraction.

With that said, in terms of relaxing this protection - I'm mixed. On one hand, Firefox's canvas randomization is likely effective at foiling fingerprinting - at least effective enough for our threat model (Firefox'sefficient canvas randomization is incredibly broken at the moment though (so we actually disable it), but those issues shouldn't apply to the standard canvas randomization). On the other hand, blocking canvas data extraction entirely is likely always going to be a stronger defense, and I think the prompt does solve usability concerns, by allowing us to set exceptions on a per-site basis. As a bonus, I also think the prompt is nice at giving users an indicator when a website is attempting to fingerprint them.

Something I'm not entirely sure on - which we should probably test and confirm - is whether canvas randomization is still applied when canvas data extraction is allowed for websites. If it is not, then I do think it may be worth reconsidering our approach, so that users can remain protected across all sites.

@IkelAtomig Thank you for sharing your input here! > Currently canvas data is blocked as per #48 Assuming you linked the wrong issue here, though doesn't change your points/concerns regardless. > I think it should be considered on disabling this or move this to extended config or give a control in Firefox settings to enable/disable this. > > It's a huge bummer when trying to browse pages casually and majority of every website I visit ask for this canvas data & images are just garbled or randomize properly instead of outright blocking. Only problem is bringing it to Normal browsing mode too ? So, you should receive a prompt when websites attempt to extract canvas data - does allowing sites to access canvas data with the prompt not resolving these issues for you? If it isn't, I suspect there may be at play here than just blocking canvas data extraction. With that said, in terms of relaxing this protection - I'm mixed. On one hand, Firefox's canvas randomization is *likely* effective at foiling fingerprinting - at least effective *enough* for our threat model *(Firefox's`efficient` canvas randomization is [incredibly broken](https://bugzilla.mozilla.org/show_bug.cgi?id=2013976) at the moment though (so we actually disable it), but those issues shouldn't apply to the standard canvas randomization)*. On the other hand, blocking canvas data extraction entirely is likely always going to be a stronger defense, and I think the prompt does solve usability concerns, by allowing us to set exceptions on a per-site basis. As a bonus, I also think the prompt is nice at giving users an indicator when a website is attempting to fingerprint them. Something I'm not entirely sure on - which we should probably test and confirm - is whether canvas randomization is still applied when canvas data extraction is allowed for websites. If it is not, then I do think it may be worth reconsidering our approach, so that users can remain protected across all sites.

I receive a prompt as intended. Thing is I need to allow on a per-site basis. Sometimes, even legit sites such as QR code generator shows a grey square instead of QR. You could test this in it-tools.tech .

Say, you use this website casually without allowing to store its cookies, IIRC the allowed for canvas randomization is also reset.

s incredibly broken at the moment though

Wrong hyperlink, it's about SMTP servers.

probably test and confirm

Is it possible to conduct such as test ?

I receive a prompt as intended. Thing is I need to allow on a per-site basis. Sometimes, even legit sites such as QR code generator shows a grey square instead of QR. You could test this in it-tools.tech . Say, you use this website casually without allowing to store its cookies, IIRC the allowed for canvas randomization is also reset. > s incredibly broken at the moment though Wrong hyperlink, it's about SMTP servers. > probably test and confirm Is it possible to conduct such as test ?

@IkelAtomig wrote in #281 (comment):

Say, you use this website casually without allowing to store its cookies, IIRC the allowed for canvas randomization is also reset.

My understanding is that the permission to allow access to canvas data extraction should persist - though will need to test to confirm.

Wrong hyperlink, it's about SMTP servers.

Whoops, here is the correct link.

Is it possible to conduct such as test ?

I believe so - there are a number of fingerprinting test sites we can probably use (ex. browserleaks.com) - will just need to determine the best way to test and verify it.

@IkelAtomig wrote in https://codeberg.org/celenity/Phoenix/issues/281#issuecomment-14473928: > Say, you use this website casually without allowing to store its cookies, IIRC the allowed for canvas randomization is also reset. My understanding is that the permission to allow access to canvas data extraction should persist - though will need to test to confirm. > Wrong hyperlink, it's about SMTP servers. Whoops, [here is the correct link](https://bugzilla.mozilla.org/show_bug.cgi?id=2013976). > Is it possible to conduct such as test ? I believe so - there are a number of fingerprinting test sites we can probably use *([ex. `browserleaks.com`](https://browserleaks.com/canvas))* - will just need to determine the best way to test and verify it.

So, if randomization works correctly on all sites closing the bugzilla ticket and testing. Then, I could expect phoenix to have these

  • have the current notification & garble images
  • give a toggle to enable randomization & disable the popup

If and only if, test data is good ?


In that case, leaving this open for future to revisit would be good.

So, if randomization works correctly on all sites closing the bugzilla ticket and testing. Then, I could expect phoenix to have these - have the current notification & garble images - give a toggle to enable randomization & disable the popup If and only if, test data is good ? --- In that case, leaving this open for future to revisit would be good.
Contributor
Copy link

@celenity wrote in #281 (comment):

So, you should receive a prompt when websites attempt to extract canvas data - does allowing sites to access canvas data with the prompt not resolving these issues for you? If it isn't, I suspect there may be at play here than just blocking canvas data extraction.

In LibreWolf, if choose "yes", there is an option to disable this feature in the site settings, but in Phoenix I couldn't find the button to disable it.

@celenity wrote in https://codeberg.org/celenity/Phoenix/issues/281#issuecomment-14463722: > So, you should receive a prompt when websites attempt to extract canvas data - does allowing sites to access canvas data with the prompt not resolving these issues for you? If it isn't, I suspect there may be at play here than just blocking canvas data extraction. In LibreWolf, if choose "yes", there is an option to disable this feature in the site settings, but in Phoenix I couldn't find the button to disable it.
Contributor
Copy link

@celenity wrote in #281 (comment):

Something I'm not entirely sure on - which we should probably test and confirm - is whether canvas randomization is still applied when canvas data extraction is allowed for websites. If it is not, then I do think it may be worth reconsidering our approach, so that users can remain protected across all sites.

If you allow extraction, there is no randomization applied anymore.

@celenity wrote in https://codeberg.org/celenity/Phoenix/issues/281#issuecomment-14463722: > Something I'm not entirely sure on - which we should probably test and confirm - is whether canvas randomization is still applied when canvas data extraction is allowed for websites. If it is not, then I do think it may be worth reconsidering our approach, so that users can remain protected across all sites. If you allow extraction, there is no randomization applied anymore.
Contributor
Copy link

@celenity wrote in #281 (comment):

So, you should receive a prompt when websites attempt to extract canvas data - does allowing sites to access canvas data with the prompt not resolving these issues for you? If it isn't, I suspect there may be at play here than just blocking canvas data extraction.

Considering that the extraction permission outside of privacy.resistFingerprinting is kinda funky/broken, it is probably best to ditch it altogether and just stick to the subtle randomization.

@celenity wrote in https://codeberg.org/celenity/Phoenix/issues/281#issuecomment-14463722: > So, you should receive a prompt when websites attempt to extract canvas data - does allowing sites to access canvas data with the prompt not resolving these issues for you? If it isn't, I suspect there may be at play here than just blocking canvas data extraction. Considering that the extraction permission outside of `privacy.resistFingerprinting` is kinda funky/broken, it is probably best to ditch it altogether and just stick to the subtle randomization.
Sign in to join this conversation.
No Branch/Tag specified
dev
pages
2026年07月08日.1
2026年06月10日.1
2026年05月21日.2
2026年05月21日.1
2026年04月27日.1
2026年03月31日.1
2026年03月30日.1
2026年02月23日.1
2026年02月16日.1
2026年01月21日.1
2025年12月23日.1
2025年11月27日.1
2025年11月07日.1
2025年10月26日.1
2025年10月12日.1
2025年10月03日.1
2025年09月07日.1
2025年08月06日.1
2025年07月30日.1
2025年07月11日.1
2025年06月24日.1
2025年06月12日.1
2025年06月10日.1
2025年06月06日.1
2025年06月02日.2
2025年06月02日.1
2025年05月11日.1
2025年04月27日.1
2025年04月15日.1
2025年04月11日.1
2025年04月02日.1
2025年03月25日.1
2025年03月20日.1
2025年03月12日.1
2025年03月05日.1
2025年02月28日.1
2025年02月21日.1
2024年02月18日.1
2025年02月14日.1
2025年02月13日.1
2025年02月01日.1
2025年01月30日.1
2025年01月27日.1
2025年01月24日.1
2025年01月22日.2
2025年01月22日.1
2025年01月20日.2
2025年01月20日.1
2025年01月19日.1
2025年01月14日.1
2025年01月13日.1
2025年01月12日.2
2025年01月12日.1
2025年01月06日.1
05January2025v1
20240103.2
20250103.1
20241229-1
20241225-1
20241216-1
20241211-1
20241204-1
20241203-1
31November2024v1
20241103-1
20240924-1
20240914-1
20240907-1
20240902-1
20240831-1
20240825-1
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
4 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
celenity/Phoenix#281
Reference in a new issue
celenity/Phoenix
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?