diff --git a/4.2.1-User-Scripts.md b/4.2.1-User-Scripts.md index b041580..fe24fa7 100644 --- a/4.2.1-User-Scripts.md +++ b/4.2.1-User-Scripts.md @@ -6,12 +6,14 @@ We recommend [Violentmonkey](https://addons.mozilla.org/firefox/addon/violentmon --- ### :small_orange_diamond: Conceal history.length + +👼 Don't use this. If required (it's debatable if it really achieves anything), use [CanvasBlocker](https://addons.mozilla.org/en-US/firefox/addon/canvasblocker/), which supports `history.length` spoofing without leaking the custom function (see "History API") + +
'Conceal history.length' userscript

+ * Author: [Thorin-Oakenpants](https://github.com/Thorin-Oakenpants) * Description: This does not break history in any way. It just lies to any JS asking about it * Test: [BrowserSpy.dk](https://browserspy.dk/document.php) - * [CanvasBlocker](https://addons.mozilla.org/en-US/firefox/addon/canvasblocker/) supports `history.length` spoofing without leaking the custom function (see "History API") - -

'Conceal history.length' userscript

```js // ==UserScript== @@ -41,15 +43,17 @@ Object.defineProperty(history,'length',{ --- ### :small_orange_diamond: Conceal window.name + +👼 Don't use this. Instead use [CanvasBlocker](https://addons.mozilla.org/en-US/firefox/addon/canvasblocker/), which supports `window.name` protection without leaking the custom function (see "Window API" and [how to unbreak reCaptcha](https://github.com/kkapsner/CanvasBlocker/issues/231#issuecomment-416919273)) + +

'Conceal window.name' userscript

+ * Author: Chris Rider * Description: See [bugzilla 444222](https://bugzilla.mozilla.org/show_bug.cgi?id=444222) * Test: [JonDonym](http://ip-check.info/?lang=en) * Note: you need to add `http://ip-check.info/?lang=en` as an exception. This is the landing page with the "Test" link on it. Without this exception you cannot do the test. To add an exception go to your User Script and click Options and add it under "Excluded Pages" * reported breakage: *may* interfere with Google's reCAPTCHA (the script is now 3 years old) * reported breakage (3rd party): paypal, disqus (just add exceptions) - * [CanvasBlocker](https://addons.mozilla.org/firefox/addon/canvasblocker/) supports `window.name` protection without leaking the custom function (see CB's "Window API" and [how to unbreak reCaptcha](https://github.com/kkapsner/CanvasBlocker/issues/231#issuecomment-416919273)) - -

'Conceal window.name' userscript

```js // ==UserScript== @@ -87,13 +91,16 @@ Object.defineProperty(window,'name',{ --- ### :small_orange_diamond: Clear window.opener + +👼 Don't use this. Instead use earthlng 's strict [windows.opener be gone](https://github.com/earthlng/testpages/) or [CanvasBlocker](https://addons.mozilla.org/firefox/addon/canvasblocker/), which supports `window.opener` protection with whitelisting (see CB's "Window API") + +

'Clear window.opener' userscript

+ * Author: [earthlng](https://github.com/earthlng) * Description: See [this](https://www.ghacks.net/2017/01/24/web-security-add-relnoopener-to-external-links/) ghacks article about rel=noopener * Test: https://mathiasbynens.github.io/rel-noopener/ - * :exclamation: This does NOT (currently) work with Web Extensions, instead you can use the `windows.opener be gone` extension listed on the wiki [extensions](https://github.com/ghacksuserjs/ghacks-user.js/wiki/4.1-Extensions) page - * [CanvasBlocker](https://addons.mozilla.org/firefox/addon/canvasblocker/) also supports `window.opener` protection (see CB's "Window API") + * :exclamation: This does NOT (currently) work with Web Extensions -

'Clear window.opener' userscript

```js // ==UserScript==