NahNotToday — Patch Notes

Version history and changelog for NahNotToday — anti-fingerprinting Chrome extension.

v1.4.12

Fixed:

• YouTube — Videos no longer crash when UA spoofing is enabled. Removed aggressive navigator object replacement with a simple JS object, which previously broke the iframe-based video player and YouTube's internal checks.
• Google reCAPTCHA — Captchas now pass verification correctly. Removed Object.getOwnPropertyDescriptor and document.createElement interceptions that were detected as tampering
• Cloudflare Turnstile — The Cloudflare widget no longer blocks access.
• Client Hints — When UA spoofing is active, Sec-CH-UA-* HTTP headers are automatically removed and navigator.userAgentData is hidden to prevent leaking the real browser identity.
• Iframe & Web Worker Leaks — Spoofed User-Agent is now consistent across all contexts: main frame, iframes, and Web Workers all return identical values.

AudioContext Spoofing:

• Fixed "AudioContext was not allowed to start" error — Gain node creation is now deferred until state === 'running' instead of being called in the constructor before a user gesture.

Canvas & WebGL Spoofing:

• Fixed "Canvas2D: Multiple readback operations..." warning — Intercepting all getContext('2d') calls and automatically injecting { willReadFrequently: true }.
• Added WebGL Enum Whitelist — Implemented a whitelist of valid getParameter enums (WebGL 1.0 + 2.0) to block the flood of "INVALID_ENUM: getParameter" errors caused by aggressive scanners.
• Cleaned up Extension Enums — Removed blind registration of extension enums; only specification-compliant getParameter parameters are handled.

Font Spoofing:

• Expanded Font Pool — Pool increased from 10 to 60+ fonts (Windows, Mac, and cross-platform).
• Session Font Count — Number of "installed" fonts per session increased to 35–55 (was 4–9).
• Inverted Logic — Shifted from blocking unauthorized fonts to fake "installation" using stable metric offsets (widthFactor ±2.4%, heightOffset ±1.5px).
• Core Web Fonts — Always included and enabled.

v1.4.11

New Features

• Added version number in the header linking to patch notes
• Added bug report button — send feedback directly from the extension via email

Improvements

• Empty ad containers are now hidden after ad blocking — works with standard ad class names. Note: sites using custom or obfuscated class names (e.g. large media outlets) may still show empty containers

v1.4.9

Bug Fixes

• Fixed cookies showing as detected on sites that don't actually use them
• Fixed "Data not received" displaying in black text on dark background in Information tab

Improvements

• Improved existing translations (RU, DE, FR, ES) — replaced awkward machine-translated phrases with natural wording

New Languages

• Added Chinese (Simplified) interface
• Added Portuguese (Brazilian) interface

v1.4.7

Whitelist:

• Added Whitelist tab — domains added here are fully excluded from all protection
• Spoofing (Canvas, WebGL, Audio, Language, Screen Resolution, UA) disabled for whitelisted sites
• Cookie/tracker blocking disabled for whitelisted sites
• Accept-Language header restored for whitelisted sites
• Extension badge shows "WL" (yellow) when current site is whitelisted
• Info and Defense tabs show warning banner when site is whitelisted
• Alert shown after adding a site with instructions to clear cookies/cache
• Page auto-reloads after adding site to whitelist so changes take effect immediately
• Popup closes after 500ms on Apply

Bug Fixes:

• Fixed Illegal invocation error due to language injection on some sites
• Fixed Cannot set property matches error due to Screen Resolution for MediaQueryList
• Fixed language spoofing not resetting Accept-Language header for whitelisted sites
• Fixed content scripts injecting into sandboxed iframes
• Removed noisy console errors from inject files that appeared in extension error panel

v1.3.7

• Massive Privacy Engine Update: Rebuilt the core tracking protection database using the latest AdGuard and EasyPrivacy filters. We are now blocking over 173,000+ unique tracking and advertising domains.
• Enhanced Cookie Protection: Improved blocking of cross-site trackers and data-collection beacons to keep your personal data private.
• Major Performance Optimization: We’ve re-engineered our ruleset architecture, reducing the rules file size by 2.5x.
• Lighter Footprint: The extension now consumes significantly less disk space and memory while providing even more aggressive protection.
• Faster Loading: Optimized JSON structure ensures near-instant rule indexing by the browser, making your web surfing smoother than ever.

v1.3.6

• Aggressive screen resolution spoofing was causing errors on some sites, even when it was turned off. We’ve replaced it with a lighter method, and now all sites load without errors.

v1.3.5

• Added translations: Spanish, French, German, Russian
• Fixed browser language spoofing — navigator.languages now spoofs correctly
• Fixed mismatch between the number of checks shown on the extension badge vs. the Info tab
• Optimized code for lower load and faster rendering on heavy pages
• Improved time spoofing — fixed an issue where spoofed values could reset to the real ones after reopening the extension popup

v1.2.4

• Added font fingerprint spoofing — a consistent fake profile is used per session.

v1.1.4

User-Agent Spoofing Improvements:

• Requests using the User-Agent string now return fully spoofed values in all cases.

New iframe-based spoofing methods added:

• navigator.userAgent is now spoofed via a sandboxed iframe, blocking external scripts from accessing or modifying the real navigator object.
• navigator.appVersion now uses the same iframe isolation technique to return spoofed values reliably.