Microsoft has acquired GitHub. Decentraleyes has left GitHub. Welcome to its new home!

To participate, please register, or sign in with an existing GitLab.com, Bitbucket, or GitHub account.

Past contributions on GitHub? Be sure to reclaim your Comments, Issues, and Pull Requests.

  1. 01 Apr, 2020 2 commits
  2. 11 Oct, 2019 2 commits
  3. 24 Jun, 2019 2 commits
  4. 17 May, 2019 2 commits
  5. 10 Mar, 2019 2 commits
  6. 03 Feb, 2019 2 commits
  7. 24 Nov, 2018 2 commits
  8. 23 Nov, 2018 2 commits
  9. 02 Jul, 2018 2 commits
  10. 29 Jun, 2018 2 commits
  11. 28 May, 2018 2 commits
  12. 14 May, 2018 1 commit
  13. 06 Mar, 2018 1 commit
    • Raymond Hill's avatar
      Guard web accessible resources from direct access by outside world · e6a5de16
      Raymond Hill authored
      With Chromium-based browsers, web pages can access directly
      Decentraleyes' web accessible resources, and thus detect
      whether Decentraleyes is used by a visitor.
      
      This potentially adds one bit of information to fingerprinting.
      
      See: "Discovering Browser Extensions via Web Accessible Resources"
      www.cse.chalmers.se/~andrei/codaspy17.pdf
      
      Proof-of-concept: https://jsfiddle.net/fuqrudcs/
      
      The change here is to use a secret when accessing a web accessible
      resource. If the secret is not present when the resource is fetched
      by the browser, the behavior will be the same as if the resource
      is not web accessible.
      
      When Decentraleyes redirects a request to one of its web
      accessible resources, the secret is appended at the end of the
      local URL as a query parameter.
      
      The secret is generated at runtime when Decentraleyes is launched.
      e6a5de16
  14. 21 Feb, 2018 2 commits
  15. 09 Jan, 2018 3 commits
  16. 08 Jan, 2018 1 commit
  17. 20 Nov, 2017 2 commits
  18. 10 Nov, 2017 1 commit
  19. 07 Nov, 2017 2 commits
  20. 04 Nov, 2017 1 commit
  21. 31 Oct, 2017 2 commits
  22. 29 Oct, 2017 2 commits