Skip to content
This repository was archived by the owner on Dec 11, 2019. It is now read-only.

Prevent further tracking by blocking additional methods #10288

pes10k opened this issue Aug 3, 2017 · 2 comments

Prevent further tracking by blocking additional methods #10288

pes10k opened this issue Aug 3, 2017 · 2 comments


Copy link

pes10k commented Aug 3, 2017

  • Did you search for similar issues before submitting this one?

  • Describe the issue you encountered:
    There are a large number of methods that are overwhelmingly (>95%) used for tracking on the web, but which are currently not blocked out with shields up. Many of these would make good candidates for blocking

  • Platform (Win7, 8, 10? macOS? Linux distro?):

  • Brave Version (revision SHA):

  • Steps to reproduce:

    1. Try calling a tracking related method, like SVGTextContentElement.prototype.getComputedTextLength()
  • Actual result:
    The method works as the standard defines

  • Expected result:
    Access to it to be blocked in shields up mode

  • Will the steps above reproduce in a fresh profile? If not what other info can be added?

  • Is this an issue in the currently released version?

  • Can this issue be consistently reproduced?

The below is a list of methods that we found to have a 95% or more reduction in use when installing Ghostery, and which are used on >= 100 sites in the Alexa 10k at the time of measurement (~1.5 years ago…). Some methods that are heavily related to tracking are

  • SVGTextContentElement.prototype.getComputedTextLength
  • CanvasRenderingContext2D.prototype.quadraticCurveTo
  • MessagePort.prototype.start
  • Document.prototype.elementFromPoint

There are many other compelling "options" on the list

feature_name num_sites_using pct_reduction_when_blocking
CanvasRenderingContext2D.prototype.scale 583 0.9503
HTMLDocument.prototype.captureEvents 121 0.9504
WebSocket.prototype.close 281 0.9537
Element.prototype.scrollIntoView 108 0.9537
Element.prototype.getClientRects 1064 0.9539
window.atob 4950 0.9541
URL.createObjectURL 1670 0.9545
HTMLInputElement.prototype.checkValidity 3894 0.9545
CSSStyleDeclaration.prototype.removeProperty 478 0.9561
CanvasRenderingContext2D.prototype.bezierCurveTo 185 0.9568
performance.onresourcetimingbufferfull 210 0.9571
window.postMessage 4762 0.9591
window.onunload 2505 0.9593
window.btoa 4146 0.9595
document.writeln 1928 0.9595
HTMLDocument.prototype.writeln 1928 0.9595
CustomEvent.prototype.initCustomEvent 1828 0.9612
Event.prototype.stopImmediatePropagation 390 0.9615
XPathResult.prototype.snapshotItem 162 0.963
HTMLCanvasElement.prototype.toDataURL 3447 0.9634
XMLHttpRequest.prototype.overrideMimeType 1196 0.964
CanvasRenderingContext2D.prototype.beginPath 3171 0.9647
CanvasRenderingContext2D.prototype.fillText 3584 0.9648
Crypto.prototype.getRandomValues 7048 0.9651
SVGGraphicsElement.prototype.getBBox 633 0.9652 3084 0.9653
HTMLCollection.prototype.item 3122 0.9664
Document.prototype.evaluate 359 0.9666
Worker.prototype.terminate 214 0.9673
CanvasRenderingContext2D.prototype.fill 3024 0.9676
HTMLDocument.prototype.close 4700 0.9679
document.domain 4364 0.9679
document.close 4700 0.9679
CanvasRenderingContext2D.prototype.fillRect 3562 0.968
CanvasRenderingContext2D.prototype.clearRect 3023 0.9682
window.content 537 0.9683
AudioContext.prototype.createOscillator 126 0.9683
CanvasRenderingContext2D.prototype.drawImage 3063 0.9696
CanvasRenderingContext2D.prototype.getImageData 2911 0.9698
CanvasRenderingContext2D.prototype.closePath 3021 0.9699
CanvasRenderingContext2D.prototype.rect 1169 0.9701
Navigator.prototype.javaEnabled 8356 0.9701
CanvasRenderingContext2D.prototype.arcTo 242 0.9711
NamedNodeMap.prototype.item 529 0.9716 4125 0.9716
document.onkeypress 955 0.9728
Event.prototype.initEvent 4570 0.9729
CanvasRenderingContext2D.prototype.createPattern 260 0.9731
Navigator.prototype.sendBeacon 2302 0.9735
CanvasRenderingContext2D.prototype.measureText 983 0.9736
Range.prototype.createContextualFragment 152 0.9737
Node.prototype.hasChildNodes 3250 0.9742
document.onclick 2464 0.9748
window.cancelAnimationFrame 3437 0.975
Range.prototype.setStartBefore 126 0.9762
Element.prototype.setAttributeNS 3215 0.9764
URL.revokeObjectURL 256 0.9766
document.onkeydown 2404 0.9771
CanvasRenderingContext2D.prototype.moveTo 2864 0.9777
window.onmessage 946 0.9778
Performance.prototype.getEntriesByName 3938 0.9782
CanvasRenderingContext2D.prototype.lineTo 2853 0.9786
XPathResult.prototype.iterateNext 140 0.9786
CanvasRenderingContext2D.prototype.stroke 2469 0.9789
Document.prototype.hasFocus 3890 0.9789
document.onmousemove 1019 0.9794
XMLSerializer.prototype.serializeToString 512 0.9805
CanvasRenderingContext2D.prototype.putImageData 2090 0.9813
window.onblur 750 0.9813
Element.prototype.remove 648 0.9815
document.onkeyup 872 0.9817
CanvasRenderingContext2D.prototype.restore 2872 0.9822 2870 0.9822
HTMLTableRowElement.prototype.insertCell 346 0.9827
document.onreadystatechange 1896 0.9831
document.onmousedown 911 0.9835
Element.prototype.hasAttributes 183 0.9836
Performance.prototype.getEntries 1672 0.985
DOMTokenList.prototype.toggle 2077 0.9851
SVGPathElement.prototype.getTotalLength 140 0.9857
Element.prototype.matches 3907 0.9859
document.onmouseup 856 0.986
MessagePort.prototype.postMessage 3011 0.9861
document.head 454 0.9868
CanvasGradient.prototype.addColorStop 2069 0.987
CanvasRenderingContext2D.prototype.createLinearGradient 1978 0.9874
HTMLTableElement.prototype.insertRow 321 0.9875
CSSStyleSheet.prototype.deleteRule 2057 0.9883
CanvasRenderingContext2D.prototype.transform 2626 0.9893
CanvasRenderingContext2D.prototype.createRadialGradient 988 0.9899
CanvasRenderingContext2D.prototype.createImageData 1825 0.9901
NodeList.prototype.item 3076 0.9902
window.onfocus 2181 0.9917
CanvasRenderingContext2D.prototype.setTransform 2542 0.9921
CanvasRenderingContext2D.prototype.clip 2354 0.9924
Document.prototype.elementFromPoint 2194 0.9927 1861 0.993 1861 0.993
document.onscroll 727 0.9931
CanvasRenderingContext2D.prototype.quadraticCurveTo 2341 0.994
Document.prototype.createAttribute 2300 0.9948
Element.prototype.setAttributeNode 2285 0.9956
document.ondblclick 712 0.9972
window.onpagehide 752 0.9973
document.onwheel 705 0.9986
SVGTextContentElement.prototype.getComputedTextLength 1003 0.999
document.onmouseover 1652 0.9994
MessagePort.prototype.start 971 1
Blob.prototype.slice 105 1
FileReader.prototype.readAsArrayBuffer 106 1
Copy link
Contributor Author

pes10k commented Aug 3, 2017

These numbers are taken from this work:

Peter Snyder, Lara Ansari, Cynthia Taylor, Chris Kanich, Browser feature usage on the modern web, Proceedings of the 2016 ACM on Internet Measurement Conference, 2016

Copy link

luixxiul commented Aug 4, 2017

CC @diracdeltas

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
None yet

No branches or pull requests

5 participants