Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

"Imperva" Access Denied

See original GitHub issue

Description

Spoofing something on https://www.corsair.com/uk/en/Categories/Products/Storage/USB-Drives/flash-voyager-gtx-3-1-config/p/CMFVYGTX3C-128GB (an example result from Google) provides this Access Denied screen - widdled it down to CanvasBlocker causing.

Expected Behavior

Access to the site as normal - works with corsair.com whitelisted or CanvasBlocker completely disabled.

Current Behavior

Possible Solution

No idea

Steps to Reproduce (for bugs)

Browse https://www.corsair.com/uk/en/Categories/Products/Storage/USB-Drives/flash-voyager-gtx-3-1-config/p/CMFVYGTX3C-128GB (directly from a Google search) and get hit with an Access Denied

Context

This could potentially affect many other sites using “Imperva”

Your Environment

CanvasBlocker Version used: 1.8
Firefox version incl. 32- or 64-bit: 64bit
Operating System and version (desktop or mobile): Windows 10 LTSC 2021
Installed addons: CanvasBlocker Ublock Origin Dark Reader I Don’t Care About Cookies - yes I have tried with these other ones off

Your Settings

{
	"logLevel": 1,
	"urlSettings": [
		{
			"url": "mail.google.com",
			"protectDOMRect": false
		},
		{
			"url": "onedrive.live.com",
			"protectDOMRect": false
		},
		{
			"url": "paypal.com",
			"protectWindow": false
		}
	],
	"hiddenSettings": {},
	"expandStatus": {
		"protectNavigator": false,
		"allowWindowNameInFrames": false,
		"protectWindow": false,
		"fakeMinimalScreenSize": false
	},
	"displayHiddenSettings": true,
	"whiteList": "",
	"sessionWhiteList": "",
	"blackList": "",
	"blockMode": "fake",
	"protectedCanvasPart": "input",
	"minFakeSize": 10,
	"maxFakeSize": 1000000,
	"rng": "persistent",
	"protectedAPIFeatures": {},
	"useCanvasCache": true,
	"ignoreFrequentColors": 3,
	"minColors": 3,
	"fakeAlphaChannel": false,
	"webGLVendor": "{random vendor}",
	"webGLRenderer": "{random renderer}",
	"webGLUnmaskedVendor": "{random vendor}",
	"webGLUnmaskedRenderer": "{random renderer}",
	"persistentRndStorage": "{\"www.corsair.com\":[146,66,128,107,176,160,67,23,26,156,171,226,28,144,213,119,43,178,93,218,115,43,33,43,46,110,27,230,8,10,1,148,162,44,93,25,216,77,54,227,238,125,92,147,30,125,215,163,236,68,64,21,190,148,254,65,73,76,240,91,136,215,34,249,216,239,254,182,177,170,128,151,178,163,72,128,3,71,216,188,113,45,241,122,114,22,93,162,154,235,251,198,32,168,175,27,136,124,18,60,236,127,221,71,188,172,118,80,223,126,171,163,1,198,190,14,71,151,68,125,118,153,103,74,0,228,94,245],\"github.com\":[14,61,211,208,66,63,136,111,148,24,21,73,112,167,192,229,142,224,154,0,179,64,241,142,188,39,136,74,212,16,218,212,190,105,168,224,125,214,95,206,96,131,69,213,119,104,83,223,106,68,13,83,186,229,173,149,138,127,19,149,29,44,203,132,19,247,22,47,136,214,140,90,113,147,240,123,42,238,218,222,27,133,243,138,184,237,52,219,156,181,116,188,215,73,154,75,254,26,137,69,8,241,119,43,168,246,16,106,201,99,156,86,85,178,157,239,10,120,105,26,16,68,123,219,252,66,50,32]}",
	"persistentIncognitoRndStorage": "",
	"storePersistentRnd": true,
	"persistentRndClearIntervalValue": 0,
	"persistentRndClearIntervalUnit": "days",
	"lastPersistentRndClearing": 1651859608780,
	"sharePersistentRndBetweenDomains": false,
	"askOnlyOnce": "individual",
	"askDenyMode": "block",
	"showCanvasWhileAsking": true,
	"showNotifications": true,
	"highlightPageAction": "none",
	"highlightBrowserAction": "color",
	"displayBadge": true,
	"storeNotificationData": false,
	"storeImageForInspection": false,
	"ignoreList": "",
	"ignoredAPIs": {},
	"showCallingFile": false,
	"showCompleteCallingStack": false,
	"enableStackList": false,
	"stackList": "",
	"protectAudio": true,
	"audioFakeRate": "100",
	"audioNoiseLevel": "minimal",
	"useAudioCache": true,
	"audioUseFixedIndices": true,
	"audioFixedIndices": "2",
	"historyLengthThreshold": 2,
	"protectWindow": true,
	"allowWindowNameInFrames": true,
	"protectDOMRect": true,
	"domRectIntegerFactor": 4,
	"protectSVG": true,
	"protectTextMetrics": true,
	"blockDataURLs": false,
	"protectNavigator": true,
	"navigatorDetails": {},
	"protectScreen": true,
	"screenSize": "",
	"fakeMinimalScreenSize": true,
	"displayAdvancedSettings": true,
	"displayDescriptions": true,
	"theme": "dark",
	"dontShowOptionsOnUpdate": false,
	"disruptSessionOnUpdate": true,
	"updatePending": false,
	"isStillDefault": false,
	"storageVersion": 1
}

Issue Analytics

State:
Created a year ago
Comments:6 (4 by maintainers)

Top GitHub Comments

1reaction

kkapsnercommented, May 8, 2022

… and now it’s not going away when disabling CB.

0reactions

privacyguy123commented, May 8, 2022

It seems you need to go to a link directly to a product on the Corsair page to trigger it initially - I can browse Corsair.com mainpage but it comes back when I try to click a product.

Seems like it might be setting a cookie or something because I need to restart browser sometimes to reproduce.