sal/containerSite
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
15 Commits 1 Branch 0 Tags
448cd3e70d3aecad50b811339d750a071560e451
Commit Graph

7 Commits

Author SHA1 Message Date
sal
448cd3e70d Keep auth redirects in originating container for session isolation 
When a tab in a managed container navigates to an auth provider
(accounts.google.com), keep it in the current container instead of
reassigning. This ensures YouTube's Google login cookies stay in the
youtube.com container and aren't visible to drive.google.com.
 2026-03-01 16:27:23 -06:00
sal
930814015b Skip User-Agent spoofing on Google auth domains to fix login rejection 
Google's login detects UA mismatches and blocks sign-in as "insecure."
Skip UA/Accept-Language header modification and JS navigator.userAgent
override on accounts.google.com and accounts.youtube.com. All other
fingerprint vectors (canvas, WebGL, screen, etc.) remain active.
 2026-03-01 16:13:18 -06:00
sal
b09a8248af Add font enumeration hardening, document.fonts protection, Client Hints stripping, and WebGL parameter normalization 
- Font enumeration: seeded noise on offsetWidth/Height, scrollWidth/Height, clientWidth/Height
- document.fonts: check() returns false, size returns 0, forEach is no-op
- Client Hints: strip Sec-CH-UA/Full-Version-List, override Platform/Mobile per container
- WebGL: merge PARAM_OVERRIDES into getParameter (MAX_TEXTURE_SIZE, attribs, etc.)
- Clean up dead code in WebGL extended section
- Test page: add Font DOM, document.fonts, and Client Hints test sections
- README: update vector table (18 vectors), add about:config and testing docs
 2026-03-01 15:49:40 -06:00
sal
ed9355ced6 Add HTTP header spoofing, fix timezone overrides, and expand fingerprint coverage 
- Spoof User-Agent and Accept-Language HTTP headers per container via
  webRequest.onBeforeSendHeaders, eliminating JS/HTTP header mismatch
- Wrap Intl.DateTimeFormat constructor to inject spoofed timezone
- Pre-create timezone formatters outside exportFunction callbacks to
  avoid cross-compartment issues with Date.toString/toTimeString
- Fix WebRTC relay-only config to use JSON serialization across
  Firefox compartment boundaries
- Add new fingerprint vector protections: speechSynthesis.getVoices(),
  matchMedia screen dimension queries, performance.now() precision
  reduction, navigator.storage.estimate(), WebGL extension normalization
- Add comprehensive fingerprint test page (test/fingerprint-test.html)
  covering all 17 vectors with per-container comparison support
 2026-03-01 15:22:21 -06:00
sal
ba6449c5b0 Add options page with vector controls, whitelist, and container management 
- Options page (open_in_tab) with 4 sections: fingerprint vector toggles,
  domain whitelist, container table with delete, and bulk actions
- Per-vector spoofing control: 12 independent toggles (canvas, WebGL,
  audio, navigator, screen, timezone, WebRTC, fonts, clientRects,
  plugins, battery, connection)
- Domain whitelist bypasses containerization entirely
- Delete individual containers from options UI
- Remove dead code (tabOrigins, getContainerDomain)
- Refactor profile registration into buildProfileAndRegister helper
 2026-02-28 23:43:12 -06:00
sal
246933599f Fix cross-domain navigation staying in wrong container 
Tabs now switch to the correct container when navigating to a different
domain (e.g. clicking a search result on DDG). User-created containers
outside ContainSite are left alone.
 2026-02-28 23:27:11 -06:00
sal
a058d78c20 Initial release — per-site container isolation with unique device fingerprints 
Automatic per-domain containers with hardened fingerprint spoofing:
canvas, WebGL, audio, navigator, screen, timezone, WebRTC, fonts,
ClientRects, plugins, battery, and connection APIs.
 2026-02-28 22:59:46 -06:00