Introduce canvasPixelTest() intended to validate canvas functionality

Browsers and plugins that spoof canvas data produce corrupt images. In attempt to mitigate: * Add canvasPixelTest() to test a single pixel and test the RGB values * Test canvasPixelTest() inside generateInitialsImage() and use default `/user.png` if failure detected * Call canvasPixelTest() directly within settings to avoid setting an invalid image * Use toast.error() with 10 second autoClose
2024-04-05 16:04:00 -06:00 · 2024-04-05 16:04:00 -06:00 · ac9308dbed
commit ac9308dbed
parent c8f7bb990c
3 changed files with 55 additions and 3 deletions
--- a/src/lib/components/chat/Settings/Account.svelte
+++ b/src/lib/components/chat/Settings/Account.svelte
@ -6,7 +6,7 @@
 	import { updateUserProfile } from '$lib/apis/auths';

 	import UpdatePassword from './Account/UpdatePassword.svelte';
-	import { generateInitialsImage } from '$lib/utils';
+	import { generateInitialsImage, canvasPixelTest } from '$lib/utils';
 	import { copyToClipboard } from '$lib/utils';

 	const i18n = getContext('i18n');
@ -148,7 +148,13 @@
 				<button
 					class=" text-xs text-gray-600"
 					on:click={async () => {
-						profileImageUrl = generateInitialsImage(name);
+						if (canvasPixelTest()) {
+							profileImageUrl = generateInitialsImage(name);
+						} else {
+							toast.error("Canvas pixel test failed, fingerprint evasion likely. Disable fingerprint evasion and try again!", {
+								autoClose: 1000 * 10,
+							});
+						}
 					}}>{$i18n.t('Use Gravatar')}</button
 				>
 			</div>