Microsoft has acquired GitHub. Decentraleyes has left GitHub. Welcome to its new home!

To participate, please register, or sign in with an existing GitLab.com, Bitbucket, or GitHub account.

Past contributions on GitHub? Be sure to reclaim your Comments, Issues, and Pull Requests.

  1. 05 Nov, 2020 2 commits
  2. 01 Apr, 2020 2 commits
  3. 11 Oct, 2019 2 commits
  4. 24 Jun, 2019 2 commits
  5. 17 May, 2019 2 commits
  6. 10 Mar, 2019 2 commits
  7. 03 Feb, 2019 2 commits
  8. 24 Nov, 2018 2 commits
  9. 23 Nov, 2018 2 commits
  10. 02 Jul, 2018 2 commits
  11. 29 Jun, 2018 2 commits
  12. 28 May, 2018 2 commits
  13. 14 May, 2018 1 commit
  14. 06 Mar, 2018 1 commit
    • Raymond Hill's avatar
      Guard web accessible resources from direct access by outside world · e6a5de16
      Raymond Hill authored
      With Chromium-based browsers, web pages can access directly
      Decentraleyes' web accessible resources, and thus detect
      whether Decentraleyes is used by a visitor.
      
      This potentially adds one bit of information to fingerprinting.
      
      See: "Discovering Browser Extensions via Web Accessible Resources"
      www.cse.chalmers.se/~andrei/codaspy17.pdf
      
      Proof-of-concept: https://jsfiddle.net/fuqrudcs/
      
      The change here is to use a secret when accessing a web accessible
      resource. If the secret is not present when the resource is fetched
      by the browser, the behavior will be the same as if the resource
      is not web accessible.
      
      When Decentraleyes redirects a request to one of its web
      accessible resources, the secret is appended at the end of the
      local URL as a query parameter.
      
      The secret is generated at runtime when Decentraleyes is launched.
      e6a5de16
  15. 21 Feb, 2018 2 commits
  16. 09 Jan, 2018 3 commits
  17. 08 Jan, 2018 1 commit
  18. 20 Nov, 2017 2 commits
  19. 10 Nov, 2017 1 commit
  20. 07 Nov, 2017 2 commits
  21. 04 Nov, 2017 1 commit
  22. 31 Oct, 2017 2 commits