scratch – Diff between revs 58 and 125
?pathlinks?
Rev 58 | Rev 125 | |||
---|---|---|---|---|
1 | # Fingerprintjs2 |
1 | # Fingerprintjs2 |
|
2 | [![](https://travis-ci.org/Valve/fingerprintjs2.svg?branch=master)](https://travis-ci.org/Valve/fingerprintjs2) |
2 | [![](https://travis-ci.org/Valve/fingerprintjs2.svg?branch=master)](https://travis-ci.org/Valve/fingerprintjs2) |
|
3 | [![](https://badges.gitter.im/Valve/fingerprintjs2.svg)](https://gitter.im/Valve/fingerprintjs2) |
3 | [![](https://badges.gitter.im/Valve/fingerprintjs2.svg)](https://gitter.im/Valve/fingerprintjs2) |
|
4 | |
4 | |
|
5 | Original fingerprintjs library was developed in 2012, it's now impossible to evolve it |
5 | Original fingerprintjs library was developed in 2012, it's now impossible to evolve it |
|
6 | without breaking backwards compatibilty, so this project will be where |
6 | without breaking backwards compatibilty, so this project will be where |
|
7 | all the new development happens. |
7 | all the new development happens. |
|
8 | |
8 | |
|
9 | This project will use significantly more sources for fingerprinting, all |
9 | This project will use significantly more sources for fingerprinting, all |
|
10 | of them will be configurable, that is it should be possible to |
10 | of them will be configurable, that is it should be possible to |
|
11 | cherry-pick only the options you need or just enable them all. |
11 | cherry-pick only the options you need or just enable them all. |
|
12 | |
12 | |
|
13 | I'm also paying special attention to IE plugins, popular in China, such |
13 | I'm also paying special attention to IE plugins, popular in China, such |
|
14 | as QQ, Baidu and others. |
14 | as QQ, Baidu and others. |
|
15 | |
15 | |
|
16 | This project will not be backwards compatible with original |
16 | This project will not be backwards compatible with original |
|
17 | fingerprintjs. |
17 | fingerprintjs. |
|
18 | |
18 | |
|
19 | This project uses `semver`. |
19 | This project uses `semver`. |
|
20 | |
20 | |
|
21 | ### Installation |
21 | ### Installation |
|
22 | |
22 | |
|
23 | #### CDN: |
23 | #### CDN: |
|
24 | ``` |
24 | ``` |
|
25 | //cdn.jsdelivr.net/fingerprintjs2/<VERSION>/fingerprint2.min.js |
25 | //cdn.jsdelivr.net/fingerprintjs2/<VERSION>/fingerprint2.min.js |
|
26 | ``` |
26 | ``` |
|
27 | or |
27 | or |
|
28 | |
28 | |
|
29 | ``` |
29 | ``` |
|
30 | https://cdnjs.com/libraries/fingerprintjs2 |
30 | https://cdnjs.com/libraries/fingerprintjs2 |
|
31 | ``` |
31 | ``` |
|
32 | |
32 | |
|
33 | #### Bower |
33 | #### Bower |
|
34 | |
34 | |
|
35 | ``` |
35 | ``` |
|
36 | bower install fingerprintjs2 |
36 | bower install fingerprintjs2 |
|
37 | ``` |
37 | ``` |
|
38 | |
38 | |
|
39 | #### NPM |
39 | #### NPM |
|
40 | |
40 | |
|
41 | ``` |
41 | ``` |
|
42 | npm install fingerprintjs2 |
42 | npm install fingerprintjs2 |
|
43 | ``` |
43 | ``` |
|
44 | |
44 | |
|
45 | |
45 | |
|
46 | ### Usage |
46 | ### Usage |
|
47 | |
47 | |
|
48 | ```js |
48 | ```js |
|
49 | new Fingerprint2().get(function(result, components){ |
49 | new Fingerprint2().get(function(result, components){ |
|
50 | console.log(result); //a hash, representing your device fingerprint |
50 | console.log(result); //a hash, representing your device fingerprint |
|
51 | console.log(components); // an array of FP components |
51 | console.log(components); // an array of FP components |
|
52 | }); |
52 | }); |
|
53 | ``` |
53 | ``` |
|
54 | |
54 | |
|
55 | #### You can pass an object with options (all of which are optional): |
55 | #### You can pass an object with options (all of which are optional): |
|
56 | |
56 | |
|
57 | ```js |
57 | ```js |
|
58 | var options = {swfPath: '/assets/FontList.swf', excludeUserAgent: true}; |
58 | var options = {swfPath: '/assets/FontList.swf', excludeUserAgent: true}; |
|
59 | new Fingerprint2(options).get(function(result){ |
59 | new Fingerprint2(options).get(function(result){ |
|
60 | console.log(result); |
60 | console.log(result); |
|
61 | }); |
61 | }); |
|
62 | ``` |
62 | ``` |
|
63 | |
63 | |
|
64 | Full list of options will be in the |
64 | Full list of options will be in the |
|
65 | (https://github.com/Valve/fingerprintjs2/wiki/List-of-options) wiki |
65 | (https://github.com/Valve/fingerprintjs2/wiki/List-of-options) wiki |
|
66 | page. |
66 | page. |
|
67 | |
67 | |
|
68 | Flash font enumeration is disabled by default. JS code is used by |
68 | Flash font enumeration is disabled by default. JS code is used by |
|
69 | default to get the list of available fonts. |
69 | default to get the list of available fonts. |
|
70 | |
70 | |
|
71 | The reason for this is that Flash will not work in incognito mode. |
71 | The reason for this is that Flash will not work in incognito mode. |
|
72 | |
72 | |
|
73 | However, you can make the library to use Flash when detecting the fonts |
73 | However, you can make the library to use Flash when detecting the fonts |
|
74 | with: |
74 | with: |
|
75 | |
75 | |
|
76 | ```js |
76 | ```js |
|
77 | excludeJsFonts: true |
77 | excludeJsFonts: true |
|
78 | ``` |
78 | ``` |
|
79 | option. |
79 | option. |
|
80 | |
80 | |
|
81 | To use Flash font enumeration, make sure you have swfobject available. |
81 | To use Flash font enumeration, make sure you have swfobject available. |
|
82 | If you don't, the library will skip the Flash part entirely. |
82 | If you don't, the library will skip the Flash part entirely. |
|
83 | |
83 | |
|
84 | #### `detectScreenOrientation` option is `true` by default |
84 | #### `detectScreenOrientation` option is `true` by default |
|
85 | |
85 | |
|
86 | To ensure consistent fingerprints when users rotate their mobile |
86 | To ensure consistent fingerprints when users rotate their mobile |
|
87 | devices. |
87 | devices. |
|
88 | |
88 | |
|
89 | |
89 | |
|
90 | ##### All fingerprinting sources are enabled by default, i.e. you don't need to explicitly configure the library to include them. |
90 | ##### All fingerprinting sources are enabled by default, i.e. you don't need to explicitly configure the library to include them. |
|
91 | |
91 | |
|
92 | ```js |
92 | ```js |
|
93 | new Fingerprint2().get(function(result, components){ |
93 | new Fingerprint2().get(function(result, components){ |
|
94 | // this will use all available fingerprinting sources |
94 | // this will use all available fingerprinting sources |
|
95 | console.log(result); |
95 | console.log(result); |
|
96 | // components is an array of all fingerprinting components used |
96 | // components is an array of all fingerprinting components used |
|
97 | console.log(components); |
97 | console.log(components); |
|
98 | }); |
98 | }); |
|
99 | ``` |
99 | ``` |
|
100 | |
100 | |
|
101 | #### `userDefinedFonts` option |
101 | #### `userDefinedFonts` option |
|
102 | |
102 | |
|
103 | While hundreds of the most popular fonts are included in the extended font list, you may wish to increase the entropy of the font fingerprint by specifying the `userDefinedFonts` option as an array of font names. |
103 | While hundreds of the most popular fonts are included in the extended font list, you may wish to increase the entropy of the font fingerprint by specifying the `userDefinedFonts` option as an array of font names. |
|
104 | |
104 | |
|
105 | ``` |
105 | ``` |
|
106 | new Fingerprint2({ |
106 | new Fingerprint2({ |
|
107 | userDefinedFonts: ["Nimbus Mono", "Junicode", "Presto"] |
107 | userDefinedFonts: ["Nimbus Mono", "Junicode", "Presto"] |
|
108 | }).get(function(result, components){} |
108 | }).get(function(result, components){} |
|
109 | console.log(result); |
109 | console.log(result); |
|
110 | ); |
110 | ); |
|
111 | ``` |
111 | ``` |
|
112 | |
112 | |
|
113 | #### View the fingerprint locally |
113 | #### View the fingerprint locally |
|
114 | |
114 | |
|
115 | You can view your browser fingerprint locally by starting a webserver and viewing the `index.html` page. |
115 | You can view your browser fingerprint locally by starting a webserver and viewing the `index.html` page. |
|
116 | Loading `index.html` from the filesystem won't work due to Flash's ExternalInterface security restrictions. |
116 | Loading `index.html` from the filesystem won't work due to Flash's ExternalInterface security restrictions. |
|
117 | |
117 | |
|
118 | To start a web server you can try using one of the following: |
118 | To start a web server you can try using one of the following: |
|
119 | |
119 | |
|
120 | * Ruby 1.9.2+ |
120 | * Ruby 1.9.2+ |
|
121 | |
121 | |
|
122 | `ruby -run -e httpd . -p 8080` |
122 | `ruby -run -e httpd . -p 8080` |
|
123 | |
123 | |
|
124 | * Python 2.x |
124 | * Python 2.x |
|
125 | |
125 | |
|
126 | `python -m SimpleHTTPServer 8080` |
126 | `python -m SimpleHTTPServer 8080` |
|
127 | |
127 | |
|
128 | * Python 3.x |
128 | * Python 3.x |
|
129 | |
129 | |
|
130 | `python -m http.server 8080` |
130 | `python -m http.server 8080` |
|
131 | |
131 | |
|
132 | * PHP 5.4+ |
132 | * PHP 5.4+ |
|
133 | |
133 | |
|
134 | `php -S 0.0.0.0:8080` |
134 | `php -S 0.0.0.0:8080` |
|
135 | |
135 | |
|
136 | |
136 | |
|
137 | ### List of fingerprinting sources |
137 | ### List of fingerprinting sources |
|
138 | |
138 | |
|
139 | 1. UserAgent |
139 | 1. UserAgent |
|
140 | 2. Language |
140 | 2. Language |
|
141 | 3. Color Depth |
141 | 3. Color Depth |
|
142 | 4. Screen Resolution |
142 | 4. Screen Resolution |
|
143 | 5. Timezone |
143 | 5. Timezone |
|
144 | 6. Has session storage or not |
144 | 6. Has session storage or not |
|
145 | 7. Has local storage or not |
145 | 7. Has local storage or not |
|
146 | 8. Has indexed DB |
146 | 8. Has indexed DB |
|
147 | 9. Has IE specific 'AddBehavior' |
147 | 9. Has IE specific 'AddBehavior' |
|
148 | 10. Has open DB |
148 | 10. Has open DB |
|
149 | 11. CPU class |
149 | 11. CPU class |
|
150 | 12. Platform |
150 | 12. Platform |
|
151 | 13. DoNotTrack or not |
151 | 13. DoNotTrack or not |
|
152 | 14. Full list of installed fonts (maintaining their order, which increases the entropy), implemented with Flash. |
152 | 14. Full list of installed fonts (maintaining their order, which increases the entropy), implemented with Flash. |
|
153 | 15. A list of installed fonts, detected with JS/CSS (side-channel technique) - can detect up to 500 installed fonts without flash |
153 | 15. A list of installed fonts, detected with JS/CSS (side-channel technique) - can detect up to 500 installed fonts without flash |
|
154 | 16. Canvas fingerprinting |
154 | 16. Canvas fingerprinting |
|
155 | 17. WebGL fingerprinting |
155 | 17. WebGL fingerprinting |
|
156 | 18. Plugins (IE included) |
156 | 18. Plugins (IE included) |
|
157 | 19. Is AdBlock installed or not |
157 | 19. Is AdBlock installed or not |
|
158 | 20. Has the user tampered with its languages <sup>[1](https://github.com/Valve/fingerprintjs2/wiki/Browser-tampering)</sup> |
158 | 20. Has the user tampered with its languages <sup>[1](https://github.com/Valve/fingerprintjs2/wiki/Browser-tampering)</sup> |
|
159 | 21. Has the user tampered with its screen resolution <sup>[1](https://github.com/Valve/fingerprintjs2/wiki/Browser-tampering)</sup> |
159 | 21. Has the user tampered with its screen resolution <sup>[1](https://github.com/Valve/fingerprintjs2/wiki/Browser-tampering)</sup> |
|
160 | 22. Has the user tampered with its OS <sup>[1](https://github.com/Valve/fingerprintjs2/wiki/Browser-tampering)</sup> |
160 | 22. Has the user tampered with its OS <sup>[1](https://github.com/Valve/fingerprintjs2/wiki/Browser-tampering)</sup> |
|
161 | 23. Has the user tampered with its browser <sup>[1](https://github.com/Valve/fingerprintjs2/wiki/Browser-tampering)</sup> |
161 | 23. Has the user tampered with its browser <sup>[1](https://github.com/Valve/fingerprintjs2/wiki/Browser-tampering)</sup> |
|
162 | 24. Touch screen detection and capabilities |
162 | 24. Touch screen detection and capabilities |
|
163 | 25. Pixel Ratio |
163 | 25. Pixel Ratio |
|
164 | 26. System's total number of logical processors available to the user agent. |
164 | 26. System's total number of logical processors available to the user agent. |
|
165 | |
165 | |
|
166 | |
166 | |
|
167 | By default, JS font detection will only detect up to 65 installed fonts. If you want to improve the font detection, |
167 | By default, JS font detection will only detect up to 65 installed fonts. If you want to improve the font detection, |
|
168 | you can pass `extendedJsFonts: true` option. This will increase the number of detectable fonts to ~500. |
168 | you can pass `extendedJsFonts: true` option. This will increase the number of detectable fonts to ~500. |
|
169 | |
169 | |
|
170 | On my machine (MBP 2013 Core i5) + Chrome 46 the default FP process takes about 80-100ms. If you use `extendedJsFonts` option this time will increase up to 160-200ms. |
170 | On my machine (MBP 2013 Core i5) + Chrome 46 the default FP process takes about 80-100ms. If you use `extendedJsFonts` option this time will increase up to 160-200ms. |
|
171 | This option can incur even more overhead on mobile Firefox browsers, which is much slower in font detection, so use it with caution on mobile devices. |
171 | This option can incur even more overhead on mobile Firefox browsers, which is much slower in font detection, so use it with caution on mobile devices. |
|
172 | |
172 | |
|
173 | ### Many more fingerprinting sources will be implemented, such as |
173 | ### Many more fingerprinting sources will be implemented, such as |
|
174 | (in no particular order) |
174 | (in no particular order) |
|
175 | |
175 | |
|
176 | * Multi-monitor detection, |
176 | * Multi-monitor detection, |
|
177 | * Internal HashTable implementation detection |
177 | * Internal HashTable implementation detection |
|
178 | * WebRTC fingerprinting |
178 | * WebRTC fingerprinting |
|
179 | * Math constants |
179 | * Math constants |
|
180 | * Accessibility fingerprinting |
180 | * Accessibility fingerprinting |
|
181 | * Camera information |
181 | * Camera information |
|
182 | * DRM support |
182 | * DRM support |
|
183 | * Accelerometer support |
183 | * Accelerometer support |
|
184 | * Virtual keyboards |
184 | * Virtual keyboards |
|
185 | * List of supported gestures (for touch-enabled devices) |
185 | * List of supported gestures (for touch-enabled devices) |
|
186 | * Pixel density |
186 | * Pixel density |
|
187 | * Video and audio codecs availability |
187 | * Video and audio codecs availability |
|
188 | * Audio stack fingerprinting |
188 | * Audio stack fingerprinting |
|
189 | |
189 | |
|
190 | #### To recompile the `FontList.swf` file: |
190 | #### To recompile the `FontList.swf` file: |
|
191 | |
191 | |
|
192 | * Download [Adobe Flex SDK](http://www.adobe.com/devnet/flex/flex-sdk-download.html) |
192 | * Download [Adobe Flex SDK](http://www.adobe.com/devnet/flex/flex-sdk-download.html) |
|
193 | * Unzip it, add the `bin/` directory to your `$PATH` (mxmlc binary should be in path) |
193 | * Unzip it, add the `bin/` directory to your `$PATH` (mxmlc binary should be in path) |
|
194 | * Run `make` |
194 | * Run `make` |
|
- | 195 | |
||
- | 196 | #### My talk about the library (in Russian) on FrontEnd Conf 2015 |
||
- | 197 | |
||
- | 198 | https://player.vimeo.com/video/151208427 |
||
195 | |
199 | |
|
196 | #### License: MIT or Apache, whichever you prefer. |
200 | #### License: MIT or Apache, whichever you prefer. |
|
197 | |
201 | |