The main goal of the project is to give back some control to users of web browsers when it comes to web browser APIs that may be abused by sites for user tracking and other invasive activities. The extension may block access to APIs that it supports outright, or manipulate the data that is provided to sites.
The extension modifies and restricts access to web browser APIs. The list of supported APIs is available on the project's GitHub webpage. It includes HTMLCanvasElement, XMLHTTPRequest, ArrayBuffer, Geolocation API, WebWorker, window.name, navigator.sendBeacon, WebGLRenderingContext and others.
Protection is divided into different levels, with level 2 being the default option for all visited websites. Options to set different levels for sites are provided.
- Level 0 -- no protection
- Level 1 -- minimal protection. Only non-functionality breaking changes are applied
- Level 2 -- recommended protection. More protections are applied. Some sites may break.
- Level 3 -- high level of protection. Full protections are applied.
The full list of protections of the levels is found on the project's GitHub page. Network Boundary Shield is enabled by default. It prevents web pages from using the browser "as a proxy between local network and the public Internet".
Just switch the level to another value to set a different protection level for the active site. The Network boundary shield may be disabled for the site as well using the action menu.