CanvasBlocker FAQs

I do not find setting X.

Some settings are not always visible. There are three reasons why settings might be hidden:

So if you search for a setting and do not find it you should first enable the "expert mode" and "display hidden settings". If you then still do not find it it's not relevant for your current setup of CanvasBlocker.

How do I remove URL specific settings?

If one URL specific setting is set for a URL it shows up at every setting that can have URL specific values. So if you click on the little "x" to reset the value the line for the URL may not disappear. But the input field will appear a little bit gray to indicate that the "normal" value is still used for this URL.

To get rid of this URL line you have to remove all specific settings for this URL. The easiest way to get to know which settings are still set you can go to General > Settings > Export settings > Inspect. There the entry "urlSettings" stores the url specific values.

How is CanvasBlocker funded?

There is no steady monetary funding of CanvasBlocker. Donations are accepted and help to cover some expenses. But since these are not that high it is not sure if a steady funding with any obligations will be accepted.

There is also no plan to monetize CanvasBlocker in any way.

All the development work is done by kkapsner in their spare time and no salary or compensation is paid for it.

So it's all done voluntarily for fun and free.

How can I support CanvasBlocker?

The best way to support CanvasBlocker is to give feedback. If something is not working like it should or something could be improved please open an issue. Reviews at can also help to increase the user base but it is a very bad platform to communicate issues and improvements.

If you want to contribute with your own spare time you can help to improve the translations. Code contributions can also be done in form of pull requests but will be reviewed very thoroughly.

reCAPTCHA is not working!

It's a known fact that the window API protection breaks reCAPTCHAs. They use the API to store information about the captcha. The protection is designed to mitigate exactly such techniques of passing information from one domain to another. But in this case the information is shared with an embedded HTML page (an <iframe> tag). As the information gets lost when the top level page navigates somewhere the tracking potential is quite limited in such a scenario.

So in conclusion you can enable "Allow in frames" to make reCAPTCHA work and still don't have to worry too much about tracking with

Why does CanvasBlocker need permission X?

Here is the list of permission that CanvasBlocker needs and the reason why it's needed:

PayPal transactions started with "Buy now" button not working!

It's a known fact that the window API protection hinders the completion of all transaction processes initiated via PayPal's "Buy now" button. You have to whitelist for that API for it to work properly.

Page X claims my fingerprint is unique.

Having a unique fingerprint is fine as long as it changes. With the default settings of CanvasBlocker the fingerprint should change all the time. But also with other settings (e.g. the stealth preset) that do not change the fingerprint all the time the fingerprint should be unique per domain and therefore prevent tracking. To test this you can check the different fingerprints on and

My fingerprint does not change when I reload page X.

Some pages do not recalculate the fingerprint upon reload. Make sure you force the recomputation. But also some CanvasBlocker settings make it to not change the fingerprint upon reload (e.g. the stealth preset).

If you have privacy.resistFingerprinting enabled the fingerprints also may stay the same. But in this case you are not trackable as the fingerprint does not leak any information about your system. See here and here for further information.