ProPrivacy is reader supported and sometimes receives a commission when you make purchases using links on this site.

How to block canvas fingerprinting

Canvas fingerprinting is a special form of browser fingerprinting developed and used primarily (over 95 percent) by web analytics firm AddThis, although other companies such Plenty of Fish and German digital marketer Ligatus are also guilty.

As with browser fingerprinting, it is a sneaky way to uniquely identity web users’ browsers, so that individuals can be tracked for advertising purposes as they visit different sites across the web.

It is a script that works by asking your browser to draw a hidden image, and uses tiny variations in how the image is drawn to generate a unique ID code, which can then be used to track you.

Because canvas fingerprinting requires both the , it can be effectively blocked by disabling JavaScript in your browser. In terms of security this is a great idea anyway, but since much of the functionality of the web relies on JavaScript to work, for many  this will be a somewhat nuclear option that overly negatively impacts their browsing experience.

Similarly, the Firefox Add-on NoScript can be used to block JavaScript from known fingerprinters such as AddThis, but using it requires decision making and the knowledge/research on which to base these decisions (NoScript can block JavaScript by default, but this brings with it similar problems to simply disabling JavaScript.) We should stress, however, that for advanced users who don’t mind the hassle, NoScript is the best defence against a wide range of internet threats.

In theory you can install the AddThis opt-out cookie to opt out of targeted advertising by AddThis, but this means that you have to trust AddThis to keep their keep its word over not targeting you for ads, and does not anyway protect you from actually being fingerprinted.

A far better solution (and much less intrusive than blocking JavaScript or using NoScript) is the CanvasBlocker  Firefox Add-on. This blocks canvas elements on a webpage, while also giving users control of exactly which elements are blocked.

Canvas fingerprint before

Canvas fingerprint before using CanvasBlocker

canvas fingerprint faked

Canvas fingerprint using CanvasBlocker in default ‘fake readout’ mode (screenshot also shows available CanvasBlocker options)

CanvasBlocker options

In addition to the default ‘fake readout’ mode, you can chose how CanvasBlocker deals with canvas requests by default (block readout, ask for readout, block everything, allow only on whitelist, ask for permission, block only black list, and allow everything)

An interesting option is to allow canvas in PDF’s, as Firefox’s native PDF reader uses canvas to display PDF content.

You can check whether CanvasBlocker (or any other canvas fingerprinting blocking method) is working, visit the HTML5 Canvas Fingerprinting test page on

The CanvasBlocker Add-on for Firefox can be downloaded here, and Chrome users can download a similar extension called CanvasFingerprintBlock here.

Written by: Douglas Crawford

Has worked for almost six years as senior staff writer and resident tech and VPN industry expert at Widely quoted on issues relating cybersecurity and digital privacy in the UK national press (The Independent & Daily Mail Online) and international technology publications such as Ars Technica.


Leonard Freitz
on February 9, 2018
How about Canvas Defender, or Privacy Manager from Ivan Iovation ? They combat canvas fingerprint, as CanvasBlocker I need a natural way, not blocking the canvas, but change it, if posible change the video graphic card to generate new canvas. Changeing the graphic wold change the canvas naturaly. From what I saw, only Privacy Manager can do this task, but i need a free solutions ...
Douglas Crawford replied to Leonard Freitz
on February 9, 2018
Hi Leonard, I have been recommending the Canvas Defender add-on for some time now, but Firefox (58+) now features canvas fingerprinting protection. I think this makes Canvas Defender somewhat redundant. As far as I know, both these solutions simply block requests from websites that can be used to canvas fingerprint visitors. I don;t know anything about Privacy Manager from Ivan Iovation (and avoid proprietary solutions anyway), bf you want to actually change your _browser_ fingerprint, then you might want to try using Random Agent Spoofer.

Write Your Own Comment

Your comment has been sent to the queue. It will appear shortly.

Your comment has been sent to the queue. It will appear shortly.

Your comment has been sent to the queue. It will appear shortly.

  Your comment has been sent to the queue. It will appear shortly.

We recommend you check out one of these alternatives:

The fastest VPN we test, unblocks everything, with amazing service all round

A large brand offering great value at a cheap price

One of the largest VPNs, voted best VPN by Reddit

One of the cheapest VPNs out there, but an incredibly good service