diff --git a/4.1-Extensions.md b/4.1-Extensions.md index 33500b3..c369c80 100644 --- a/4.1-Extensions.md +++ b/4.1-Extensions.md @@ -10,13 +10,14 @@ These are all, where applicable, best configured to `deny-all` and whitelist. * [uBlock Origin](https://addons.mozilla.org/firefox/addon/ublock-origin/) ✔ [Privacy](https://github.com/gorhill/uBlock/wiki/Privacy-policy) | [GitHub](https://github.com/gorhill/uBlock) * Essential if you are not using Mozilla's Tracking Protection and Safe Browsing * [uMatrix](https://addons.mozilla.org/firefox/addon/umatrix/) ✔ [Privacy](https://github.com/gorhill/uMatrix/wiki/Privacy-policy) | [GitHub](https://github.com/gorhill/uMatrix) -* [CanvasBlocker](https://addons.mozilla.org/firefox/addon/canvasblocker/) ✔ [Privacy](https://addons.mozilla.org/firefox/addon/canvasblocker/privacy/) | [GitHub](https://github.com/kkapsner/CanvasBlocker) * [Decentraleyes](https://addons.mozilla.org/firefox/addon/decentraleyes/) ✔ [Privacy](https://addons.mozilla.org/firefox/addon/decentraleyes/privacy/) | [GitLab](https://git.synz.io/Synzvato/decentraleyes) | [GitHub Archive](https://github.com/Synzvato/decentraleyes) * :exclamation: uBlock Origin users should add the [following rules](https://git.synz.io/Synzvato/decentraleyes/wikis/Frequently-Asked-Questions) * [CSS Exfil Protection](https://addons.mozilla.org/firefox/addon/css-exfil-protection/) | [GitHub](https://github.com/mlgualtieri/CSS-Exfil-Protection) | [Homepage + Test](https://www.mike-gualtieri.com/css-exfil-vulnerability-tester) * [HTTPS Everywhere](https://addons.mozilla.org/firefox/addon/https-everywhere/) ✔ [Privacy](https://www.eff.org/code/privacy/policy) | [GitHub](https://github.com/EFForg/https-everywhere) * [HTTPS by default](https://addons.mozilla.org/firefox/addon/https-by-default/) | [GitHub](https://github.com/Rob--W/https-by-default) * changes the behavior for schemeless URLs typed in the location bar +* [CanvasBlocker](https://addons.mozilla.org/firefox/addon/canvasblocker/) ✔ [Privacy](https://addons.mozilla.org/firefox/addon/canvasblocker/privacy/) | [GitHub](https://github.com/kkapsner/CanvasBlocker) + * :exclamation: uncheck the option `Misc > Block data URL pages`. When multiple extensions (e.g. uBO, uMatrix, NoScript) use CSP header injection/modification, only one wins. Predicting the winner is like [rolling a dice](https://github.com/ghacksuserjs/ghacks-user.js/issues/265#issuecomment-393935989) (also see [#497](https://github.com/ghacksuserjs/ghacks-user.js/issues/497)) * [Smart Referer](https://addons.mozilla.org/firefox/addon/smart-referer/) ✔ [Privacy](https://addons.mozilla.org/firefox/addon/smart-referer/privacy/) | [GitLab](https://gitlab.com/smart-referer/smart-referer) | [GitHub Archive](https://github.com/meh/smart-referer) * [Header Editor](https://addons.mozilla.org/firefox/addon/header-editor/) | [GitHub](https://github.com/FirefoxBar/HeaderEditor) * Allows you to run [Rules](https://github.com/ghacksuserjs/ghacks-user.js/wiki/4.2.4-Header-Editor) to modify headers such as blocking ETags