A Chrome extension that gives users control of the web and more secure browsing while emphasizing simplicity and intuitiveness. http://www.nsaneforums.com/uploads/monthly_2016_12/Untitled.thumb.jpg.765a9fd2c8ead258ce7b20d9f57f7d62.jpg What's changed from v1.0.8.4 to aid in beta testing (feel free to view referenced issues below for test cases): Resolved issue where blocked items were sometimes not being listed in the panel Added more control over Referrer Spoofing (thanks AykutCevik) Improved Block Device Enumeration to block mediaDevices.enumerateDevices() Improved Battery Fingerprint Blocking (thanks TjWallas) Included translations for 13 languages: Chinese - Simplified, Chinese - Traditional, Czech, Dutch, French, German, Hungarian, Italian, Korean, Latvian, Romanian, Russian, and Swedish (thanks to all translators listed at the bottom of the Changelog and Options pages) Improved syncing of existing rules if upgrading from a pre-v1.0.7.0 instance Added a reload icon to the panel Updated unwanted content providers list ScriptSafe is now released under the GNU GPLv3 license Instructions on how to Beta Test: Download the v1.0.8.5 BETA: https://github.com/andryou/scriptsafe/releases/download/v1.0.8.5_beta/ScriptSafe_v1.0.8.5_BETA.zip Extract the ZIP file to its own folder anywhere on your computer Copy and paste chrome://extensions into your browser address bar and press Enter Make sure you have disabled the Chrome Web Store version of ScriptSafe (ID: oiigbmnaadbkfbmpbfijlflahbdbdgdf) Note: you may want to save a copy of your existing ScriptSafe settings at this point (see https://www.andryou.com/scriptsafe/frequently-asked-questions/#backup) Enable “Developer Mode“ Click on Load unpacked extension, navigate to the folder you extracted ScriptSafe to in step #2 and click on OK Restore your existing ScriptSafe settings: https://www.andryou.com/scriptsafe/frequently-asked-questions/#restore Fingerprint Protection Canvas Fingerprint Protection – protect against fingerprinting attempts through <canvas> elements (default: disabled) Options: Disabled Blank Readout (serve an empty canvas with the original dimensions) Random Readout (serve an empty canvas with random dimensions) Completely Block Readout (refuse to serve any data) Block Audio Fingerprinting – prevent fingerprinting via the AudioContext API (default: disabled) Block WebGL Fingerprinting – prevent fingerprinting via the WebGL API (default: disabled) Block Battery Fingerprinting – prevent fingerprinting via the Battery API (default: disabled) Block Device Enumeration – prevent having hardware devices detected via the WebRTC API (default: disabled) Block Gamepad Enumeration – prevent having hardware devices detected via the Gamepad API (default: disabled) Block Canvas Font Access – prevent system fonts from being enumerated through <canvas> elements. May interfere with Google Docs. (default: disabled) Block Client Rectangles – prevent fingerprinting through calculating element rectangles. May interfere with some dropdowns. (default: disabled) Reduce Keyboard Fingerprinting (for advanced users) – make keypress timings more random to increase anonymity (note: adds a random delay between keypresses)) (default: disabled) Privacy Settings Paranoia Mode – if enabled, whitelisted domains on unlisted tabs will be blocked (default: disabled) Block Unwanted Content – if enabled, domains are checked against a list of ad / malware domains and blocked; domains gathered from MVPS HOSTS, hpHOSTS (ad / tracking servers), Peter Lowe’s HOSTS Project, MalwareDomainList.com (default: enabled) Block Unwanted Cookies – wipe out cookies from unwanted content providers (referred to above) (default: enabled) Unwanted Content Mode – control how strict you want unwanted content blocking to be (default: Relaxed) Options: Relaxed – whitelisted domains in the unwanted domain list will not be blocked Strict – domains in the unwanted domain list will be blocked even if whitelisted Antisocial Mode – remove/block social widgets and plugins, even if whitelisted (default: disabled) WebRTC Protection – prevent IP address leakage (default: Protect Local IP) Options: Disabled Protect Local IP Protect Local and Public IPs Remove Webbugs – remove “invisible” third-party elements (default: enabled) Remove Google Analytics (UTM) Tracking – remove Google Analytics (UTM) tracking tokens (default: disabled) Remove Possible Hash Tracking – remove possible tracking tokens passed using hash, where there is an attribute and value (e.g. #xtor=RSS-1) (default: disabled) Block Click-Through Referrer – blocks referrer information when clicking on external links (default: enabled) Options: Disabled Only on Unwhitelisted Domains – only applies to pages on unwhitelisted domains On All Domains – applies to third-party links on every domain, even if whitelisted Spoof Timezone – spoof or randomize your timezone. NOTE: if enabled, it may interfere with replying to emails in Gmail. (default: disabled) User-Agent Spoof – spoofs your user-agent (browser and OS) (default: Off) Referrer Spoof – spoofs where you came from (default: Off) Options: Off Same Document – if visiting http://www.example.com/page.html => referrer will be http://www.example.com/page.html Same Domain – if visiting http://www.example.com/page.html => referrer will be http://www.example.com/ Custom – set a custom value to be the referrer for all page visits Behavior Settings Page Link Opening Behaviour – modifies how all links are opened (default: -Unchanged-) Respect Same-Domain – allow same-domain elements to load (default: disabled) Options: Disabled Strict – allow same domain only Loose – allow same domain and subdomains Auto-Refresh Page – auto-refresh page after list change (default: enabled) Show Rating Button – adds rating button under domains in tab popup (default: enabled) Classic Options Mode – if enabled, the ScriptSafe panel closes everytime an option is clicked (default: disabled) Prevent Clipboard Interference – prevent pages from interfering with clipboard actions (default: disabled) Sort by Domain – sorts URL lists throughout ScriptSafe (in the Options page and in the Panel) by domains (default: enabled)
Looks interesting. But they need to make it a bit more like NoScript and Ghostery, and give the ability to allow all first party scripts and block only third party scripts.
