brave-browser: Unable to view https://wooorm.com/server-components-mdx-demo/ due to fingerprinting

Description

Loading page https://wooorm.com/server-components-mdx-demo/ is scrambled

Steps to Reproduce

With default shields, open https://wooorm.com/server-components-mdx-demo/
Page is scrambled due to fingerprinting

Actual result:

woorm

Expected result:

woorm2

Reproduces how often:

Easily.

Brave version (brave://version info)

Version 1.20.110 Chromium: 88.0.4324.192 (Official Build) (64-bit)

Version/Channel Information:

Can you reproduce this issue with the current release? Yes
Can you reproduce this issue with the beta channel? Yes
Can you reproduce this issue with the nightly channel? Yes

Other Additional Information:

Does the issue resolve itself when disabling Brave Shields? Yes
Does the issue resolve itself when disabling Brave Rewards?
Is the issue reproducible on the latest version of Chrome?

Miscellaneous Information:

Was reported via twitter; https://twitter.com/Fdecampredon/status/1366438532173225992

Due to fingerprinting, the following error in the console cc: @pes10k

error-woo

About this issue

Original URL
State: closed
Created 3 years ago
Comments: 17 (4 by maintainers)

Commits related to this issue

Fix https://github.com/lovasoa/bin2png/issues/11 See https://github.com/brave/brave-browser/issues/14421 — committed to lovasoa/bin2png by lovasoa 3 years ago

Most upvoted comments

To show an example with the famous enwik8

$ npx bin2png /tmp/enwik8 /tmp/enwik8.png 
npx: installed 2 in 2.379s
Converting /tmp/enwik8 to /tmp/enwik8.png
Success. File size difference: -11%

And comparing the base64 png to the base64 raw text, the ratio is even slightly better. Of course the ratio highly depends on how compressible the source data is.

lovasoa on Mar 2, 2021

encode your JS (or arbitrary data) as a base64 data url

include that in a script tag

mark the tag async

The PNG is not only decoded asynchronously, it is also a compressed data representation that is decompressed asynchronously.

lovasoa on Mar 2, 2021

(Im closing the issue now, but lets keep discussing here if it’d be helpful)

pes10k on Mar 2, 2021

cc @lovasoa too, that might work 🤔

And also good to know that the canvas is the problem, not the url!

wooorm on Mar 2, 2021

hi hi! So, was wondering, could you do the following:

encode your JS (or arbitrary data) as a base64 data url
include that in a script tag
mark the tag async

Would that cover the use case here?

(and as background for folks who find this later, Brave doesn’t modify data uri’s, we modify the results of canvas readback, which in this case is being encoded as a data uri 😃 )

pes10k on Mar 2, 2021