Skip to content
GitLab
Closed (moved) (moved)
Issue created by Trac@tracbot

Testing navigator.mimeTypes for known names can reveal info and increase fingerprinting risk

I gathered a list of MIME Types from IANA and other sources. Then explicitly used each type to check if navigator.mimeTypes[type] === undefined. I found that I could detect quite a few MIME Types in this way. Including some types that are related to specific application programs and/or peripheral devices.

I maxed the security slider, which disabled Javascript by default and broke the test script. However, after I whitelisted the test script I was able to achieve the same results.

I was testing Tor Browser 5.0.3 for Windows.

Trac:
Username: TemporaryNick

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information