Wiki

Home / Options
Chameleon Headers tab

Injection

Block media devices

Prevents media devices from being enumerated. If this option is enabled, websites will not be able to detect if you have a webcam or microphone.

Spoof media devices

Spoof media devices. This option will replace the label of your media devices. For example, if you're using a Mac profile, your webcam label will be spoofed to "FaceTime HD Camera (Built-in)". This will not change the Firefox UI popup. You can test this feature here.

Limit tab history

Spoof tab history number in the window History API.

Protect keyboard fingerprint

The way you type can be used to fingerprint you. Chameleon adds at least a 30ms delay between each keystroke for input fields. Text areas are not included. Specifying a delay value will increase the randomness between keystrokes. For example, if you set the delay value to 5, Chameleon will use a random time from 30ms to 35ms between each key stroke. This option will cause input fields to appear sluggish.

Protect window.name

Can be used to track you across domains. Enabling this options clears this value. More info can be found here.

Spoof Audio Context

Can be used to track you across browsers on the same device. Enabling this options spoofs your audio context fingerprint. More info can be found here.

Spoof client rects

If you're using CanvasBlocker, please make sure that the dom rects option is disabled. It can cause issues with some websites.

Can be used to track you across the web. Enabling this option spoofs your client rectangle fingerprint. More info can be found here.

Spoof font fingerprint

Can be used to track you across browsers on the same device. Enabling this options spoofs your font fingerprint when you use a browser profile. More info can be found here.

Spoof Screen Size

Option Description
Default Don't spoof screen resolution
Profile If a profile is used, the screen resolution will be set to a random resolution for that profile. Takes into account OS and browser differences.
Everything else Uses the resolution taking into account your browser's specific UI settings

Spoof Timezone

Note: Timezone spoofing is only supported with browsers that use an English locale.

This option is not perfect. If you really need to consistently spoof your timezone use a virtual machine or change your machine's time settings You should use this option if you're using a proxy with an IP in a different timezone.

If IP is selected, Chameleon will make a request to https://ipapi.co to get the correct timezone based on the IP address of the browser. If the timezone can not be found the language will be set to English (US) and timezone to UTC. This request is made when starting Firefox and when selecting the IP option. Chameleon will not periodically check your IP to update your browser.

You can create IP rules that will set a language/timezone for an IP address. More info can be found in the IP rules guide.

Standard Options

Enable first party isolation

This option will break some sites!

First party isolation isolates third party cookies to the domain in the address bar. Used to prevent third party cookies from tracking you across domains. This is one of Tor Browser's features that was introduced in Firefox 52. More info can be found here.

First Party Isolation is no longer maintained. Enabling FPI will disable network parititoning and total cookies parititoning. This feature will eventually be removed from the Firefox webextension API. Some more information can be found on the Mozilla blog here

Enable resist fingerprinting

This option will break some sites!

Resist fingerprinting makes the browser report generic information. It will disable some features that can be used to uniquely identify you (WebSpeech, Navigator, local time, etc). More info can be found here.

Disable WebRTC

This option will break some sites!

Disables WebRTC support.

WebRTC Policy

This option will break some sites!

You can disable WebRTC completely, or you can change the WebRTC policy to prevent WebRTC from leaking your IP address.

Option Description
Default Show all interfaces
Use Public and Private interface Use default route, exposes private associated private address
Only use Public interface Hide private IP address
Disable non-proxified UDP Disable WebRTC unless using UDP proxy

Tracking protection mode

Option Description
On Enable tracking protection
Off Disable tracking protection
Enabled in private browsing Only enabled in private windows

WebSockets

  • Allow all websockets
  • Block all 3rd party websocket connections. (different domains)
  • Block all websockets

Cookie Options

Delete cookies and site data after window is closed

Treat all cookies as session cookies.

Cookie Policy

This option will break some sites!
Option Description
Allow all Allow all cookies
Block all Block all cookies
Block 3rd party Block all 3rd party cookies
Allow 3rd party from visited Allow 3rd party cookies only if the cookie's top-level domain already has at least one cookie
Reject trackers Reject cookies from trackers