CanvasBlocker
CanvasBlocker copied to clipboard
kkapsner
LinkedIn icons missing, message text field pre-filled with "undefined" & doesn't work.
Expected Behaviour
- "Write a message" placeholder should be the only thing in messages text input field, and disappear when user begins typing their own message.
- Messages should be send-able.
- Icons should be present.
Current Behaviour
- When submitting a report about a job the page will completely refresh and lose my set job search criteria (timeframe, experience level, etc), requiring that a re-input of every search term and criteria.
- "undefined" is displayed under the "Write a message" placeholder in Messaging. On occasion a period will be substituted for a space character.
- Messages can't be sent. Blue-colored suggested replies that appear between the messages and text input field can be sent.
- Icons are missing from the page.
Possible Solution
Unknown. Open to changing my settings, as I'm comfortable messing around.
Steps to Reproduce (for bugs)
- Navigate to LinkedIn.com and login.
- Open the messaging page (
linkedin.com/messaging/...) & attempt to enter text into the text entry field of a message with a contact. - Navigate to nearly any part of the website and observe missing icons.
Context
- Issue disallows sending of messages, a site-breaking problem.
- Missing icons make the site more difficult to use and navigate.
- Reporting a job isn't immediately useful to me, but I hold out hope that reporting helps get scam posts removed and scammers blocked, which helps all honest job seekers.
Your Environment
- CanvasBlocker Version used: 1.10.1
- Firefox version incl. 32- or 64-bit: v125.0.3 (64-bit)
- Operating System and version (desktop or mobile): Linux Mint 21.3 XFCE (desktop)
- Installed addons: Amazon Container, ClearURLs, Dark Read, Darker Jupyter, Decentraleyes, Don't Accept image/webp, Enhancer for YouTube, Facebook Container, Google Container, HTTPS Everywhere, Privacy Badger, Reddit Container, Rotate and Zoom Image, slack-in-browser, Temporary Containers, Twitter Container, uBlock Origin.
- I should note that during testing I turned off and individually turned on each addon I've installed, and CanvasBlocker is the only addon to trigger the issue described herein.
Your Settings
{
"logLevel": 1,
"urlSettings": [],
"hiddenSettings": {},
"expandStatus": {},
"displayHiddenSettings": false,
"whiteList": "",
"sessionWhiteList": "",
"blackList": "",
"blockMode": "fake",
"protectedCanvasPart": "readout",
"minFakeSize": 1,
"maxFakeSize": 0,
"rng": "nonPersistent",
"protectedAPIFeatures": {},
"useCanvasCache": true,
"ignoreFrequentColors": 0,
"minColors": 0,
"fakeAlphaChannel": false,
"webGLVendor": "",
"webGLRenderer": "",
"webGLUnmaskedVendor": "",
"webGLUnmaskedRenderer": "",
"persistentRndStorage": "",
"persistentIncognitoRndStorage": "",
"storePersistentRnd": false,
"persistentRndClearIntervalValue": 0,
"persistentRndClearIntervalUnit": "days",
"lastPersistentRndClearing": 1715109078865,
"sharePersistentRndBetweenDomains": false,
"askOnlyOnce": "individual",
"askDenyMode": "block",
"showCanvasWhileAsking": true,
"showNotifications": true,
"highlightPageAction": "none",
"highlightBrowserAction": "color",
"displayBadge": true,
"storeNotificationData": false,
"storeImageForInspection": false,
"ignoreList": "",
"ignoredAPIs": {},
"showCallingFile": false,
"showCompleteCallingStack": false,
"enableStackList": false,
"stackList": "",
"protectAudio": true,
"audioFakeRate": "100",
"audioNoiseLevel": "minimal",
"useAudioCache": true,
"audioUseFixedIndices": true,
"audioFixedIndices": "2",
"historyLengthThreshold": 2,
"protectWindow": false,
"allowWindowNameInFrames": false,
"protectDOMRect": true,
"domRectIntegerFactor": 4,
"protectSVG": true,
"protectTextMetrics": true,
"blockDataURLs": true,
"protectNavigator": false,
"navigatorDetails": {},
"protectScreen": true,
"screenSize": "",
"fakeMinimalScreenSize": true,
"displayAdvancedSettings": false,
"displayDescriptions": false,
"theme": "auto",
"showPresetsOnInstallation": true,
"dontShowOptionsOnUpdate": false,
"disruptSessionOnUpdate": false,
"updatePending": false,
"isStillDefault": false,
"storageVersion": 1
}
Facing the same problem and behaviour.
- CanvasBlocker Version used: 1.10.1
- Firefox version: 125.0.3 (64-bit)
- Operating System and version (desktop or mobile): MacOS Sonoma 14.4.1 (desktop)
- I should note that during testing I turned off and individually turned on each addon I've installed, and CanvasBlocker is the only addon to trigger the issue described herein.
Hello everyone! Same here. Just noticed it yesterday, but didn't have time to report.
- CanvasBlocker Version 1.11.20240417 (to fix the Grafana issue)
- Librewolf: 124.0.1-1
- OS: Ubuntu 22.04.4 LTS
If I disable CanvasBlocker, the names and icons return as expected.
+1 CanvasBlocker Version used: 1.10.1 Firefox version: 125.0.3 (64-bit) Operating System and version (desktop or mobile): Windows 11 (Desktop/Laptop) I too have tested add-on by add-on to identify CB being the cause. The icons of reactions below posts, descriptions of posts etc appear as undefined when CB is active.
Same issue. Only solution so far is disabling canvasblocker for the site and I really don't want to do that.
whitelist linkedIn.com domain and that should fix the problem. As an option - experiment with what exactly to whitelist by using "whitelist temporarily" which works until browser restart. This way you can enable only Real api, which otherwise breaks linkedIn
It seems that either History or Screen API is the culprit. History API cannot be whitelisted individually, and Screen API has its whitelist section but unchecking linkedin.com does not actually work, the API continues to be active.
Also noticed a strange situation with the whitelist settings. When all APIs are selected in the whitelist section, CanvasBlocker displays only DOMRect API to be blocked. So when I unticked DOMRect in the whitelist section and reload LinkedIn, Canvasblocker displays 4 APIs: History, Screen, Canvas, Audio. After unticking every single API in the whitelist but allowing Canvasblocker to work on LinkedIn, a reload of that page continues to show History and Screen APIs being blocked.
@verchalent Since one can use LinkedIn (with a few, surface-level exceptions) only while being logged-in, CanvasBlocker being inactive for that site changes next to nothing in terms of one's privacy. Microsoft already knows who you are, if you are registered and logged-in, no real point in trying to blur some of one's fingerprints in that scenario. The issue is however a nuisance, and hopefully will be fixed (so as the other ones) by @kkapsner once he is hopefully soon back from his current hiatus.
@kopach The "temporary whitelist" feature is only able to whitelist a domain as a whole, not API protections individually, so it's not suited to be used for such a "culprit-finding" mission. This can only be done by using the site-specific settings at the specific API one wants to test (which is made a lot easier by the fact that once one domain is added to one site-specific valueset of one API, the domain gets displayed on all site-specific value lists, one just has to remove the checkmark and observe the difference it makes on the website [the API protection being active/not active]).
@DoulosTrieste The History API protection can't be whitelisted on a per-site basis, but one can set the browser history length (which gets communicated to the website, and is the "protection" that is at work here) individually for each website. Also notice how it's called "protection" and not "blockage", only the Canvas API can be outright blocked (if one sets the setting like that, which is not recommended), the other APIs get more so "spoofed" in a privacy-friendly manner but still remain active (otherwise it would break websites left and right and make them unusable). The addon name and description may suggest otherwise, but those are remnants of a time when "CanvasBlocker" still was only dealing with the Canvas API, before it grew into a whole "anti-fingerprinting" suite.
Hovering your cursor over the CanvasBlocker icon is not sufficient to find out which API protection gets called by which domain, click on the fingerprint icon inside the address bar instead to see the proper list. Modern websites often times call APIs from more than just their original domain, so having whitelisted one for the Screen API and CB still showing Screen protection activity nevertheless on that website is not a direct sign of malfunction.
My gut feeling regarding this is that it's another general problem with CanvasBlocker, independent of individual API protections being active or not (I don't have a LinkedIn account, therefore can't test it myself). @verchalent I see you mentioned "disabling CanvasBlocker", do you mean by that having to disable CB as a whole in the addon manager, or did you simply whitelist linkedin.com to get rid of the display issues?
Struggling for months on this and realized that the extension blocking was causing it. Whitelisted LinkedIn and all's gucci now.
I just tested this on Firefox 133.0.3 (64-bit) on Arch Linux running CanvasBlocker 1.10.1. I can confirm that whitelisting all API's www.linkedin.com deals with the issue, whitelisting any specific ones did not work.
It is possible then to continue faking the li.protechts.net domain with no issue.
I'm able to reproduce the problem with CB 1.10.1 but not with the latest beta version.
Please try the latest beta version: https://canvasblocker.kkapsner.de/versions/?C=M;O=D (do not forget to disable the normal CanvasBlocker - only one of the should be active)
For posterity: adding https://www.linkedin.com under "Block Mode" in Settings and selecting "allow everything" from the drop-down associated with that entry fixes the issue.