canTvas

This script prevents Canvas from recieving or logging certain user interactions during quizzes (specifically page_focused and page_blurred).

Install

1. First you need a userscript manager such as: Tampermonkey
   • Chrome
   • Firefox
2. Install the script Here!

Warning

Make sure the script loads before attempting any tomfoolery. You can open up the developer console and check for a console.warn message that looks like this:

[canTvas] Userscript loaded successfully.

If you don't see this, then it may be because the url doesn't fit @match. You will want to change that to fit your needs.

Do note that this script could break depending if Canvas instructure changes the api url:

// testing for quiz events
var regexMatches = new RegExp("*/api/v1/courses/*/quizzes/*/submissions/*/events".replace(/\*/g, "[^ ]*"));

Be cautious and monitor network POST requests to see if any page_focused or page_blurred events are being sent during a quiz. A request payload could look something like this:

If you do not see any payloads with these events then you are probably safe!

How it works

The script will intercept http POST requests and modify the request body to remove the specified events.

Alternative solutions tend to patch (prototype polluting) browser events that send the window.blur and window.focus events.

However, this script takes a different approach by patching window.XMLHttpRequest to intercept and modify the requests before being sent, which achieves the same result. I feel like this is a cleaner approach and doesn't mess with page functionality relating to blur and focus.

Optionally, you can choose to disable the userscript temporarily by opening up the developer tools and type the following:

window.cantvas = false;