BuildWithMatija
Back to Builds
ToolActiveOpen source

incognito.pics

Remove hidden image metadata privately, directly in the browser.

  • React 19
  • Vite
  • Tailwind CSS 4
  • shadcn/ui
  • HTML5 Canvas API
  • piexifjs
  • Vitest
  • c2patool
  • sharp
Live demoGitHubVisit website
Problem
Images can carry hidden metadata that is easy to forget: C2PA provenance manifests, EXIF camera data, XMP metadata, copyright fields, and sometimes GPS location. That creates friction when someone wants to share an image publicly but does not want to expose capture details, location data, or provenance metadata. Many metadata tools require uploading the file somewhere, which creates a second privacy problem.
Thesis
For common image formats, the browser can solve the core privacy problem locally. Canvas re-encoding keeps the visible pixels but drops non-pixel metadata chunks, while piexifjs handles explicit EXIF read/write workflows for JPEG files. The bet is that a simple React app can give users enough control without accounts, server processing, or native software.
Validation
The project is public on GitHub, the README documents the metadata stripping and EXIF editing workflows, and the live site resolves at https://incognito.pics. The repo includes an end-to-end Vitest pipeline using c2patool as the ground-truth verifier for a C2PA-signed test image. There is no documented user count, revenue, analytics, or deployment provider.
Proof points
  • Live at https://incognito.pics
  • Public GitHub repository at https://github.com/matija2209/incognito.pics
  • README documents local browser processing with no server uploads.
  • Metadata stripper supports JPEG, PNG, and WebP uploads.
  • EXIF editor can edit common fields and remove GPS location data.
  • Vitest pipeline verifies C2PA removal with c2patool against a C2PA-signed PNG test fixture.
  • README marks batch processing, video/audio support, server-side processing, and steganographic watermark removal as out of scope.
Audience
  • Creators who want to share images without exposing hidden metadata
  • People removing GPS location data before publishing photos
  • Developers or privacy-conscious users checking whether an image contains C2PA, EXIF, or XMP metadata
  • Anyone who wants a local browser tool instead of uploading images to an online converter

Executive summary

incognito.pics is a browser-based image privacy tool.

It has two main modes:

  1. Metadata Stripper — upload a JPEG, PNG, or WebP image, re-encode it in the browser with the Canvas API, preview the cleaned result, inspect detected metadata, and download a stripped copy.
  2. EXIF Editor — view and edit common EXIF fields, including title, author, copyright, camera make/model, date taken, and GPS location removal.

The important constraint is privacy: the README and UI both state that processing happens locally in the browser, without server uploads.

The problem

Images can contain more than pixels.

A normal-looking photo or generated image can include C2PA provenance data, EXIF camera settings, XMP metadata, copyright fields, software identifiers, and GPS coordinates. That data can be useful in some contexts, but unwanted when sharing an image publicly.

The usual solution is either too technical or requires uploading the image to a third-party tool. For privacy-sensitive images, uploading the file to remove privacy-sensitive metadata is not a good trade.

incognito.pics tries to keep the workflow local, visible, and simple.

The thesis

The core bet is that the browser already has enough primitives to solve most of the problem.

When an image is drawn to an HTML canvas and exported again with canvas.toBlob(), the browser creates a fresh image file from pixel data. That naturally drops non-pixel metadata chunks such as C2PA manifests, EXIF data, and XMP tags.

For EXIF editing, the project uses piexifjs. JPEG files can be edited directly. Other image formats are converted to JPEG first, because piexifjs writes EXIF data to JPEG.

This keeps the app small and avoids a backend processing pipeline.

What I built

Metadata stripping

The stripping flow loads the selected image in the browser, reads its metadata, re-encodes it through Canvas, and creates a downloadable cleaned blob.

Supported upload formats in the stripper are:

  • JPEG
  • PNG
  • WebP

The app shows a side-by-side preview of the original and cleaned image, then offers a one-click download with a stripped- filename prefix.

Metadata detection

The app includes a custom binary metadata reader for JPEG, PNG, and WebP.

It detects categories such as:

  • C2PA
  • EXIF
  • XMP
  • ICC / other chunks

For C2PA, the reader includes JUMBF parsing logic and can show nested box structure in the metadata viewer.

The UI groups detected metadata into tabs so the user can see what was found before downloading the cleaned version.

EXIF editor

The EXIF editor is a separate mode inside the same app.

It can read and edit common fields:

  • title / description
  • author / artist
  • copyright
  • camera make
  • camera model
  • date taken

It also displays read-only technical fields when present:

  • ISO
  • exposure time
  • aperture
  • focal length
  • focal length in 35mm
  • orientation

GPS data gets special treatment. If GPS coordinates are present, the user can remove location data with one click before saving.

Non-JPEG handling

EXIF writing is JPEG-only because of the piexifjs limitation.

The app handles this by converting non-JPEG images to JPEG before editing. The UI tells the user when an image has been converted. Transparent backgrounds are filled with white during conversion.

That is a practical compromise: the editor supports more input formats, but the saved EXIF-edited output is a JPEG.

Testing

The repo includes an end-to-end metadata stripping test.

The test uses a fixture image, tests/linkedin-pm-post.png, described in the README as an AI-generated image with a C2PA Content Credential signed by OpenAI. The test uses c2patool as the ground-truth verifier to confirm the original file has a C2PA manifest, then uses sharp to re-encode the image in a way that mirrors the Canvas flow, and finally verifies that no C2PA manifest remains.

The test also checks that:

  • the custom metadata reader detects C2PA in the original
  • the stripped file has no metadata according to the custom reader
  • dimensions are preserved
  • the output is a valid PNG

Architecture

text
Browser
  → React / Vite app
  → DropZone / file input
  → metadata reader
  → Canvas API re-encode
  → side-by-side preview
  → local download

EXIF mode
  → image input
  → piexifjs read
  → editable fields
  → optional GPS removal
  → piexifjs write
  → local JPEG download

Current status

Active and public. The live site at incognito.pics serves the metadata stripper and EXIF editor. The codebase is open source on GitHub. Vitest covers C2PA removal with c2patool as ground truth.

Batch processing, video/audio support, server-side processing, and steganographic watermark removal remain out of scope per the README. No documented user count or analytics.

Related services

  • Internal tools

Working through something similar?

If your company has a workflow, content system, or internal process that needs to become real software, this is the kind of work I can help with.

Get in touch

Related builds

You might also find these useful

ToolActiveOpen source

DropImg

A self-hosted, Docker-first image hosting tool — drag, drop, or paste to get instant public URLs, with built-in multi-user support, S3-compatible storage, and optional background removal.

  • React 19
  • Vite
  • Hono
  • Node.js
  • TypeScript
  • Tailwind CSS 4
  • SQLite
  • Drizzle ORM
  • Garage S3
  • Docker
  • Better Auth
  • Cloudflare
View buildGitHub
ToolActiveClosed source

Home Cloud

Home Cloud is a self-hosted personal cloud for storing, browsing, uploading, and streaming photos and videos from a local drive. It splits the system into a Payload CMS control plane, a React/Vite frontend, and a Go fileserver for chunked uploads and media delivery.

  • Payload CMS 3
  • Next.js 16
  • React 19
  • Vite 8
  • TypeScript
  • Go 1.22
  • PostgreSQL
  • Docker Compose
  • pnpm
  • Tailwind CSS
  • HTTP Range Requests
  • Short-lived signed URLs
View build
ToolActiveDemo available

PromptSync

PromptSync is a lightweight browser-based teleprompter and presentation viewer. It lets one device control script content, scroll position, autoplay, and display settings while one or more viewer devices stay synchronized in real time.

  • Node.js
  • WebSockets
  • HTML
  • JavaScript
  • SCSS
  • Docker
  • GitHub Actions
  • nginx
View buildLive demo
Build with Matija logo

Build with Matija

Modern websites, content systems, and AI workflows built for long-term growth.

Services

  • Headless CMS Websites
  • Next.js & Headless CMS Advisory
  • AI Systems & Automation
  • Website & Content Audit

Resources

  • Case Studies
  • How I Work
  • Blog
  • Topics
  • CMS Hub
  • E-commerce Hub
  • B2B Website Strategy
  • Dashboard

Headless CMS

  • Payload CMS Developer
  • CMS Migration
  • Multi-Tenant CMS
  • Payload vs Sanity
  • Payload vs WordPress
  • Payload vs Contentful

Get in Touch

Ready to modernize your stack? Let's talk about what you're building.

Book a discovery callContact me →
© 2026Build with Matija•All rights reserved•Privacy Policy•Terms of Service
BuildWithMatija
Get In Touch