Browse by Topic: Using StartMail
I see a popup about a <canvas> tag - what does this mean?
Last modified on 21 June 2017 10:33 AM

Depending on your browser's configuration, security settings, or use of browser extensions that analyse site content, you may see a popup referring to the use of a "canvas" element on the StartMail web site. The canvas element is an HTML5 element that is used for drawing content in a web page.

The canvas element is a valid and useful feature in HTML for websites that is widely supported across browsers. Canvas requests are not in and of themselves harmful, although unfortunately some websites may use it for unintended purposes. We do not, and we are very transparent in what data we do in fact collect on our visitors and you can read that in our privacy policy.

StartMail does actually not rely on use of the canvas element when rendering content on its web site. Since we do not use the canvas element, you might ask why a request is shown. This is because we use web frameworks, such as modernizr in this case, to make our website work well across browsers, and to make it easier for our developers to build consistent and predictable experiences for users on our sites. Modernizr accomplishes this by checking browser compatibility for many features that browsers could have, so we can easily switch between the latest and greatest web features and support for older browsers that might not be as capable.

In this case, modernizr checks for canvas element support for us, just in case we might want to use it. In order to do so, it needs to try and render a canvas element. The canvas element is set to be invisible, so as not to disturb your browsing experience. This 'invisible' aspect may trigger the warning.

To be fully clear, we want to point out that although we use third-party frameworks like modernizr, we do not link to external sources for these files. In most cases, websites will load resources like this from Google-hosted files to reduce their own hosting burden. A consequence of this is that data about you may be leaked as requests are made off-site. By hosting all site resources on our own servers, we prevent adversaries from retro-fitting a tracker or other means of spying that can be accomplished by modifying the remotely-hosted files. When visiting Startmail.com, you should never see a request to a domain that is not owned by us.

Please click here to read about other security features StartMail has implemented.

(2 vote(s))
This article was helpful
This article was not helpful

Still haven't found the answer to your question? Click here to contact support.