Canvas fingerprinting/readout

Canvas fingerprinting is a known anti-privacy technique for websites for tracking users across websites. The website uses a canvas, draws stuff on it, then captures the rendered image and fingerprints it.

Privacy-aware users use will often block "canvas-reading" operation to prevent canvas fingerprinting. For example, I'm using this web-extension: https://addons.mozilla.org/fr/firefox/addon/canvasblocker/

When I installed this extension (and set it to "block"), I noticed that trying to view any gitlab merge request would fail, the "changes" view of the MR would be blank, the "assignee" info would load indefinitely. If I disable canvas-reading blocking and reload the MR page, it will load correctly. Then, if I re-enable canvas-reading blocking and reload the MR again, it works. But when I clear my cookies, close and reopen my browser then open a gitlab MR, it fails again to load properly.

So I guess gitlab sometimes does canvas-fingerprinting. It shouldn't do this at all, this is a big anti-feature.