scratch – Blame information for rev 125
?pathlinks?
Rev | Author | Line No. | Line |
---|---|---|---|
58 | office | 1 | # Fingerprintjs2 |
2 | [![](https://travis-ci.org/Valve/fingerprintjs2.svg?branch=master)](https://travis-ci.org/Valve/fingerprintjs2) |
||
3 | [![](https://badges.gitter.im/Valve/fingerprintjs2.svg)](https://gitter.im/Valve/fingerprintjs2) |
||
4 | |||
5 | Original fingerprintjs library was developed in 2012, it's now impossible to evolve it |
||
6 | without breaking backwards compatibilty, so this project will be where |
||
7 | all the new development happens. |
||
8 | |||
9 | This project will use significantly more sources for fingerprinting, all |
||
10 | of them will be configurable, that is it should be possible to |
||
11 | cherry-pick only the options you need or just enable them all. |
||
12 | |||
13 | I'm also paying special attention to IE plugins, popular in China, such |
||
14 | as QQ, Baidu and others. |
||
15 | |||
16 | This project will not be backwards compatible with original |
||
17 | fingerprintjs. |
||
18 | |||
19 | This project uses `semver`. |
||
20 | |||
21 | ### Installation |
||
22 | |||
23 | #### CDN: |
||
24 | ``` |
||
25 | //cdn.jsdelivr.net/fingerprintjs2/<VERSION>/fingerprint2.min.js |
||
26 | ``` |
||
27 | or |
||
28 | |||
29 | ``` |
||
30 | https://cdnjs.com/libraries/fingerprintjs2 |
||
31 | ``` |
||
32 | |||
33 | #### Bower |
||
34 | |||
35 | ``` |
||
36 | bower install fingerprintjs2 |
||
37 | ``` |
||
38 | |||
39 | #### NPM |
||
40 | |||
41 | ``` |
||
42 | npm install fingerprintjs2 |
||
43 | ``` |
||
44 | |||
45 | |||
46 | ### Usage |
||
47 | |||
48 | ```js |
||
49 | new Fingerprint2().get(function(result, components){ |
||
50 | console.log(result); //a hash, representing your device fingerprint |
||
51 | console.log(components); // an array of FP components |
||
52 | }); |
||
53 | ``` |
||
54 | |||
55 | #### You can pass an object with options (all of which are optional): |
||
56 | |||
57 | ```js |
||
58 | var options = {swfPath: '/assets/FontList.swf', excludeUserAgent: true}; |
||
59 | new Fingerprint2(options).get(function(result){ |
||
60 | console.log(result); |
||
61 | }); |
||
62 | ``` |
||
63 | |||
64 | Full list of options will be in the |
||
65 | (https://github.com/Valve/fingerprintjs2/wiki/List-of-options) wiki |
||
66 | page. |
||
67 | |||
68 | Flash font enumeration is disabled by default. JS code is used by |
||
69 | default to get the list of available fonts. |
||
70 | |||
71 | The reason for this is that Flash will not work in incognito mode. |
||
72 | |||
73 | However, you can make the library to use Flash when detecting the fonts |
||
74 | with: |
||
75 | |||
76 | ```js |
||
77 | excludeJsFonts: true |
||
78 | ``` |
||
79 | option. |
||
80 | |||
81 | To use Flash font enumeration, make sure you have swfobject available. |
||
82 | If you don't, the library will skip the Flash part entirely. |
||
83 | |||
84 | #### `detectScreenOrientation` option is `true` by default |
||
85 | |||
86 | To ensure consistent fingerprints when users rotate their mobile |
||
87 | devices. |
||
88 | |||
89 | |||
90 | ##### All fingerprinting sources are enabled by default, i.e. you don't need to explicitly configure the library to include them. |
||
91 | |||
92 | ```js |
||
93 | new Fingerprint2().get(function(result, components){ |
||
94 | // this will use all available fingerprinting sources |
||
95 | console.log(result); |
||
96 | // components is an array of all fingerprinting components used |
||
97 | console.log(components); |
||
98 | }); |
||
99 | ``` |
||
100 | |||
101 | #### `userDefinedFonts` option |
||
102 | |||
103 | While hundreds of the most popular fonts are included in the extended font list, you may wish to increase the entropy of the font fingerprint by specifying the `userDefinedFonts` option as an array of font names. |
||
104 | |||
105 | ``` |
||
106 | new Fingerprint2({ |
||
107 | userDefinedFonts: ["Nimbus Mono", "Junicode", "Presto"] |
||
108 | }).get(function(result, components){} |
||
109 | console.log(result); |
||
110 | ); |
||
111 | ``` |
||
112 | |||
113 | #### View the fingerprint locally |
||
114 | |||
115 | You can view your browser fingerprint locally by starting a webserver and viewing the `index.html` page. |
||
116 | Loading `index.html` from the filesystem won't work due to Flash's ExternalInterface security restrictions. |
||
117 | |||
118 | To start a web server you can try using one of the following: |
||
119 | |||
120 | * Ruby 1.9.2+ |
||
121 | |||
122 | `ruby -run -e httpd . -p 8080` |
||
123 | |||
124 | * Python 2.x |
||
125 | |||
126 | `python -m SimpleHTTPServer 8080` |
||
127 | |||
128 | * Python 3.x |
||
129 | |||
130 | `python -m http.server 8080` |
||
131 | |||
132 | * PHP 5.4+ |
||
133 | |||
134 | `php -S 0.0.0.0:8080` |
||
135 | |||
136 | |||
137 | ### List of fingerprinting sources |
||
138 | |||
139 | 1. UserAgent |
||
140 | 2. Language |
||
141 | 3. Color Depth |
||
142 | 4. Screen Resolution |
||
143 | 5. Timezone |
||
144 | 6. Has session storage or not |
||
145 | 7. Has local storage or not |
||
146 | 8. Has indexed DB |
||
147 | 9. Has IE specific 'AddBehavior' |
||
148 | 10. Has open DB |
||
149 | 11. CPU class |
||
150 | 12. Platform |
||
151 | 13. DoNotTrack or not |
||
152 | 14. Full list of installed fonts (maintaining their order, which increases the entropy), implemented with Flash. |
||
153 | 15. A list of installed fonts, detected with JS/CSS (side-channel technique) - can detect up to 500 installed fonts without flash |
||
154 | 16. Canvas fingerprinting |
||
155 | 17. WebGL fingerprinting |
||
156 | 18. Plugins (IE included) |
||
157 | 19. Is AdBlock installed or not |
||
158 | 20. Has the user tampered with its languages <sup>[1](https://github.com/Valve/fingerprintjs2/wiki/Browser-tampering)</sup> |
||
159 | 21. Has the user tampered with its screen resolution <sup>[1](https://github.com/Valve/fingerprintjs2/wiki/Browser-tampering)</sup> |
||
160 | 22. Has the user tampered with its OS <sup>[1](https://github.com/Valve/fingerprintjs2/wiki/Browser-tampering)</sup> |
||
161 | 23. Has the user tampered with its browser <sup>[1](https://github.com/Valve/fingerprintjs2/wiki/Browser-tampering)</sup> |
||
162 | 24. Touch screen detection and capabilities |
||
163 | 25. Pixel Ratio |
||
164 | 26. System's total number of logical processors available to the user agent. |
||
165 | |||
166 | |||
167 | By default, JS font detection will only detect up to 65 installed fonts. If you want to improve the font detection, |
||
168 | you can pass `extendedJsFonts: true` option. This will increase the number of detectable fonts to ~500. |
||
169 | |||
170 | On my machine (MBP 2013 Core i5) + Chrome 46 the default FP process takes about 80-100ms. If you use `extendedJsFonts` option this time will increase up to 160-200ms. |
||
171 | This option can incur even more overhead on mobile Firefox browsers, which is much slower in font detection, so use it with caution on mobile devices. |
||
172 | |||
173 | ### Many more fingerprinting sources will be implemented, such as |
||
174 | (in no particular order) |
||
175 | |||
176 | * Multi-monitor detection, |
||
177 | * Internal HashTable implementation detection |
||
178 | * WebRTC fingerprinting |
||
179 | * Math constants |
||
180 | * Accessibility fingerprinting |
||
181 | * Camera information |
||
182 | * DRM support |
||
183 | * Accelerometer support |
||
184 | * Virtual keyboards |
||
185 | * List of supported gestures (for touch-enabled devices) |
||
186 | * Pixel density |
||
187 | * Video and audio codecs availability |
||
188 | * Audio stack fingerprinting |
||
189 | |||
190 | #### To recompile the `FontList.swf` file: |
||
191 | |||
192 | * Download [Adobe Flex SDK](http://www.adobe.com/devnet/flex/flex-sdk-download.html) |
||
193 | * Unzip it, add the `bin/` directory to your `$PATH` (mxmlc binary should be in path) |
||
194 | * Run `make` |
||
195 | |||
125 | office | 196 | #### My talk about the library (in Russian) on FrontEnd Conf 2015 |
197 | |||
198 | https://player.vimeo.com/video/151208427 |
||
199 | |||
58 | office | 200 | #### License: MIT or Apache, whichever you prefer. |