When editing release notes.

A way to reproduce this bug is to create a spreadsheet in google drive with multiple tabs and switch from one tab to the other, then a "File unavailable error" message should pop up. It might be related to #8.

Race condition with async injected script messaging. For example, the script on http://browserspy.dk/plugins.php sometimes loads before Chameleon's script does its overwriting.

Improved by d17cd2.

Still happens on pages like http://ded.increpare.com/~locus/Promises/ however. Seems to do with caching -- when the resources are cached, our injected script isn't fast enough?

Hello,
chameleon(latest verison and old verisons) not working anymore, it is NOT BLOCKING ANYTHING

test:
www.whoer.net
www.ip-check.info

I am tested Google Chrome 42, Srware Iron 42, Google Chrome 28

PLEASE FIX

Some kind of WordPress emoji plugin on http://basho.com/riak/:

window._wpemojiSettings = {"baseUrl":"http:\/\/s.w.org\/images\/core\/emoji\/72x72\/","ext":".png","source":{"concatemoji":"http:\/\/basho.com\/wp-includes\/js\/wp-emoji-release.min.js?ver=4.2.2"}};
            !function(a,b,c){function d(a){var c=b.createElement("canvas"),d=c.getContext&&c.getContext("2d");return d&&d.fillText?(d.textBaseline="top",d.font="600 32px Arial","flag"===a?(d.fillText(String.fromCharCode(55356,56812,55356,56807),0,0),c.toDataURL().length>3e3):(d.fillText(String.fromCharCode(55357,56835),0,0),0!==d.getImageData(16,16,1,1).data[0])):!1}function e(a){var c=b.createElement("script");c.src=a,c.type="text/javascript",b.getElementsByTagName("head")[0].appendChild(c)}var f,g;c.supports={simple:d("simple"),flag:d("flag")},c.DOMReady=!1,c.readyCallback=function(){c.DOMReady=!0},c.supports.simple&&c.supports.flag||(g=function(){c.readyCallback()},b.addEventListener?(b.addEventListener("DOMContentLoaded",g,!1),a.addEventListener("load",g,!1)):(a.attachEvent("onload",g),b.attachEvent("onreadystatechange",function(){"complete"===b.readyState&&c.readyCallback()})),f=c.source||{},f.concatemoji?e(f.concatemoji):f.wpemoji&&f.twemoji&&(e(f.twemoji),e(f.wpemoji)))}(window,document,window._wpemojiSettings);

Currently Chameleon cannot intercept access to high entropy plugin properties such as name, filename and description. It only counts the number of accesses to navigator.plugins.

Here's a simple demo page. The script on the page enumerates all the details about navigator.plugins, but the access to individual plugin properties goes unnoticed.

hello, i love this addon and i can't find a addon that is on the level of anti-fingerprinting this is

my addons
Noscript
cookie monster
Disconnect
Ublock Origin
Umatrix
Canvas Blocker

i would love to add Chameleon to that list of security addons, this combined with my vpn would make my privacy a whole lot better...

Are you still working on this add-on. (Opera/Chrome). Can you give a status update please.

When will it start blocking the fingerprinting efforts of websites.

it saw nothing no fingerprint while the site show your fingerprint clearly
https://www.browserleaks.com/canvas

The HTML5 player is unable to detect the proper size of the screen, and displays the proper size box but a smaller size video within it.

I have tried using the extension both on and off and when on the coursera pages gives me a notification that i'm using a browser that isn't recognized. With it off i don't get any such notification.

Issue #6 changed the global on/off toggle to work on the current page's hostname. The downside, however, is that now it's even harder to disable Chameleon on toolbar-less popups (like the one used by Google Hangouts).

Maybe a rightclick/context menu entry?

the author say will life be your project?
I want to have an application that can completely make random prints and canvas prints

Hi,
i this extension is obsolete ? i love your work on this , but just wandering if you can update the user-agent
i did update it as now Chrome ask for it to be unpacked to load it ; just do not see your work go to waste .

On some pages, Chamelon detects strange property names such as undefined:{}.innerWidth, (.devicePixelRatio or undefinied.innerHeight - note the typo. A table summarizing the unexpected property names and a page to reproduce the issue is given below:

Is this possible I don't know?

It would be nice to have a whitelist function. E.g. intranet sites are broken with chameleon activated (because of "Window.innerHeight")

Maybe it can look like this

The CanvasFingerprintBlock extension has a very nice feature of showing the image drawn to the canvas by the potential canvas fingerprinters. This is extremely useful for filtering out false alarms.

Could Chameleon do something similar?

How can we support development?

WebRTC can checking your local IP, u can add to Chameleon switch to disabling WebRTC?

https://www.browserleaks.com

Chameleon seems to cause some images to not load, and I looked in the console and there were warnings about the mime type.

An example is http://www.nsaneforums.com/topic/233507-the-windowless-plane-of-the-future-will-now-become-a-reality-in-2024/

With Chameleon on for me, all the images in the first post show up as broken placeholders.

This shows that there is still several ways of detecting Chrome/Chromium browser http://browserspy.dk/browser.php

Sometimes Chameleon displays an HTML code snippet instead of the accessed brower/device property. To reproduce, visit the pages in the following table and check the accessed properties by the scripts given below.

With modern high resolution screens, chameleon will cause Google Maps to render in a small top fraction of the window. Whitelisting (issue #6) could be one solution; selecting a fake window size that is the largest of a set of standard sizes that fits within the window, as torbrowser does, could be another.

Wouldn't it be a lot safer to be able to randomize your browser fingerprint every time when visiting a site? If I understand correctly this script tries to blend in with existing Tor visitors by mimicking their fingerprint but what about completely randomizing the data?

A fingerprint which is never the same twice in a row can hardly be called a fingerprint.

I understand this is early, but please (A) promote people to use this with Chromium vs Chrome (because: free/open software) and (B) release a version for Firefox. Thanks for this important work.

Some sites use Flash detection before loading Flash content. Since Chameleon overloads window.navigator.plugins, these sites end up showing error messages about needing to install or upgrade Flash.

TODO examples.

Thank you for your work on this project. Is there any chance that a Safari extension might be on the roadmap at some point in the future? I know this is still in the alpha stage.

With Chameleon enabled, attempting to view a message in Gmail causes the following error:

Uncaught CustomError: Error in protected function: Cannot read property '1' of null 

There is also a "Loading..." message that occasionally appears at the top of the screen and stays there.