Library developers fingerprintjs , allowing you to generate a browser identifier in passive mode based on indirect signs, such as screen resolution, WEBGL features, Lists of installed plug-ins and fonts, introduced a new identification method based on the evaluation of the user-based typical application and operating through the test Support in the browser of additional protocol handlers. The code of the script with the implementation of the is published under licenses Mit.
Checking is based on the analysis of handler bindings to 32 popular applications. For example, by defining the presence of URL Telegram: //, Slack: // and Skype: // in the browser, you can conclude about the presence in the Telegram, Slack and Skype applications system, and use this information as a feature when generating the system identifier. Since the list of handlers is the same for all browsers in the system, the identifier does not change when a browser change and can be used in Chrome, Firefox, Safari, Brave, Yandex Browser, Edge and even in Tor Browser.
The method allows you to generate 32-bit identifiers, i.e. It makes sense as an additional feature in combination with other parameters. The most minus is also visibility of identification attempt for the user (with the exception of Tor Browser) – when generating an identifier on the proposed a demonstration page in the lower right corner there is a small one, but A clearly noticeable window in which handlers are triggered long enough.
To determine the availability of the application, the script is attempted to open a link associated with an external handler in the pop-up window, after which the browser displays a dialog to open the contents in the associated application, if the verified application is present, or gives an error code if applications are not in the system. Through a sequential search for standard external handlers and the error code return analysis, you can conclude whether there is a presence in the system of verified programs.
In Chrome 90 For Linux, the method did not work and the browser for all attempts to verify the handler brought a typical confirmation dialog operation (in Chrome for Windows and MacOS method works