Disable WebRTC (ip leaks) CefSharp

Having problems with building or using the CefGlue .NET/Mono binding? Ask your questions here.

Moderator: fddima

Disable WebRTC (ip leaks) CefSharp

Postby casper » Sun Jun 04, 2017 12:27 pm

Hi, can you help me, how can i disable WebRTC ? i set proxy in settings, go to whoer.net and find my real ip in WebRTC. I try to disable it, but it doesnt work
Code: Select all
settings.CefCommandLineArgs.Add("proxy-bypass-list", "127.*,192.168.*,10.10.*,193.9.162.*");
              settings.CefCommandLineArgs.Add("proxy-server", "socks5://189.102.64.13:65000");
          //  settings.CefCommandLineArgs.Add("webrtc.ip_handling_policy", "false");
            settings.CefCommandLineArgs.Add("webrtc.multiple_routes_enabled", "false");
            settings.CefCommandLineArgs.Add("webrtc.nonproxied_udp_enabled", "false");
            settings.CefCommandLineArgs.Add("webrtc.ip_handling_policy", "disable_non_proxied_udp");
            settings.CefCommandLineArgs.Add("enable-media-stream", "0");
            settings.CefCommandLineArgs.Add("enable_webrtc", "0");
  Cef.Initialize(settings);


Can you help me ?
casper
Techie
 
Posts: 11
Joined: Sun Jun 04, 2017 12:21 pm

Re: Disable WebRTC (ip leaks) CefSharp

Postby Czarek » Mon Jun 05, 2017 8:01 am

WebRTC is disabled by default in CEF unless you pass enable-media-stream flag.
Maintainer of the CEF Python, PHP Desktop and CEF C API projects. My LinkedIn.
User avatar
Czarek
Virtuoso
 
Posts: 1927
Joined: Sun Nov 06, 2011 2:12 am

Re: Disable WebRTC (ip leaks) CefSharp

Postby casper » Mon Jun 05, 2017 9:00 am

Czarek wrote:WebRTC is disabled by default in CEF unless you pass enable-media-stream flag.

if WebRTC is disabled by default why when i go to site whoer.net with proxy he show my real ip ? Image
code :
Code: Select all
settings.CefCommandLineArgs.Add("proxy-bypass-list", "127.*,192.168.*,10.10.*,193.9.162.*");
              settings.CefCommandLineArgs.Add("proxy-server", "socks5://5.51.249.68:16067");
          //  settings.CefCommandLineArgs.Add("webrtc.ip_handling_policy", "false");
            //settings.CefCommandLineArgs.Add("webrtc.multiple_routes_enabled", "false");
            //settings.CefCommandLineArgs.Add("webrtc.nonproxied_udp_enabled", "false");
            //settings.CefCommandLineArgs.Add("webrtc.ip_handling_policy", "disable_non_proxied_udp");
            //settings.CefCommandLineArgs.Add("enable-media-stream", "0");
            //settings.CefCommandLineArgs.Add("enable_webrtc", "0");

            // Initialize cef with the provided settings
            Cef.Initialize(settings);
              // Create a browser component
            chromeBrowser = new ChromiumWebBrowser("https://whoer.net/");
casper
Techie
 
Posts: 11
Joined: Sun Jun 04, 2017 12:21 pm

Re: Disable WebRTC (ip leaks) CefSharp

Postby magreenblatt » Mon Jun 05, 2017 9:12 am

Are you referring to viewtopic.php?f=14&t=13350&start=10#p30993 ?

"webrtc.ip_handling_policy" is a preference that must be set using CefRequestContext::SetPreference.
magreenblatt
Site Admin
 
Posts: 12382
Joined: Fri May 29, 2009 6:57 pm

Re: Disable WebRTC (ip leaks) CefSharp

Postby casper » Mon Jun 05, 2017 9:27 am

magreenblatt wrote:Are you referring to http://magpcss.org/ceforum/viewtopic.ph ... =10#p30993 ?

"webrtc.ip_handling_policy" is a preference that must be set using CefRequestContext::SetPreference.


pls, can you create a example ? i dont know how use CefRequestContext::SetPreference
casper
Techie
 
Posts: 11
Joined: Sun Jun 04, 2017 12:21 pm

Re: Disable WebRTC (ip leaks) CefSharp

Postby magreenblatt » Mon Jun 05, 2017 10:15 am

casper wrote:
magreenblatt wrote:Are you referring to viewtopic.php?f=14&t=13350&start=10#p30993 ?

"webrtc.ip_handling_policy" is a preference that must be set using CefRequestContext::SetPreference.


pls, can you create a example ? i dont know how use CefRequestContext::SetPreference

I'll let fddima answer your question since I'm not familiar with CefGlue.
magreenblatt
Site Admin
 
Posts: 12382
Joined: Fri May 29, 2009 6:57 pm

Re: Disable WebRTC (ip leaks) CefSharp

Postby fddima » Mon Jun 05, 2017 10:31 am

The only reliable way to completely disable WebRTC is do private CEF build with GN_DEFINE [c]enable_webrtc=false[/c].


If you don't want to rely on private builds or want enable/disable it dynamically - you can prepare custom request context (never tried it on global context, may be works too?).

Code: Select all
                    // Disables leaking of IPs via WebRTC on standard CEF builds.
                    {
                        // This options obsoleted from Chromium M50, but still exists in source. (Actually they are no more exist on fresh builds (55+?.)
                        cefRequestContext.SetPreferenceIfCan("webrtc.multiple_routes_enabled", false);
                        cefRequestContext.SetPreferenceIfCan("webrtc.nonproxied_udp_enabled", false);

                        // Values:
                        // See webrtc_ip_handling_policy.h for description.
                        // default
                        // default_public_and_private_interfaces
                        // default_public_interface_only
                        // disable_non_proxied_udp
                        cefRequestContext.SetPreferenceIfCan("webrtc.ip_handling_policy", "disable_non_proxied_udp");

                        // media.device_id_salt is chrome-only preference, so there is no way to randomize device ids.
                    }


SetPreferenceIfCan is my extension method, which doesn't generate error if can't set preference (in my case this happens on private builds with webrtc_enabled=false => no rtc => no preferences exist). So, basically you should choose proper ip_handling_policy. After discovering options, you see that there is still exist some cases when it is can work anyway (but any local addresses should be hidden in that case).

Also in that case device ids still may leak. Because device ids can be used for intelligent user tracking, from my understanding - is the only way to deal with them, is completely disable webrtc. Note, that having always random device IDs on each near-persistent user session also subject for user "banning". So if you trying to be anonymous: it is better doesn't provide any info, rather than provide random info.
fddima
Master
 
Posts: 788
Joined: Tue Dec 07, 2010 6:10 am

Re: Disable WebRTC (ip leaks) CefSharp

Postby casper » Mon Jun 05, 2017 10:58 am

if I understand you correctly, then you need to rebuild your project with pre-disabled webrtc ? And it is possible to install chrome extension for cefsharp ? for example https://chrome.google.com/webstore/detail/webrtc-network-limiter/npeicpdbkakmehahjeeohfdhnlpdklia
casper
Techie
 
Posts: 11
Joined: Sun Jun 04, 2017 12:21 pm

Re: Disable WebRTC (ip leaks) CefSharp

Postby fddima » Mon Jun 05, 2017 1:38 pm

casper wrote:if I understand you correctly, then you need to rebuild your project with pre-disabled webrtc ? And it is possible to install chrome extension for cefsharp ? for example https://chrome.google.com/webstore/detail/webrtc-network-limiter/npeicpdbkakmehahjeeohfdhnlpdklia

Special build of CEF only. Any bindings what match to same CEF version should keep work without any changes.
fddima
Master
 
Posts: 788
Joined: Tue Dec 07, 2010 6:10 am

Re: Disable WebRTC (ip leaks) CefSharp

Postby tech5678 » Mon Mar 15, 2021 2:50 pm

fddima wrote:The only reliable way to completely disable WebRTC is do private CEF build with GN_DEFINE [c]enable_webrtc=false[/c].

[...] Also in that case device ids still may leak. Because device ids can be used for intelligent user tracking, from my understanding - is the only way to deal with them, is completely disable webrtc. Note, that having always random device IDs on each near-persistent user session also subject for user "banning". So if you trying to be anonymous: it is better doesn't provide any info, rather than provide random info.


I modified c:\code\chromium_git\update.bat as follows:

Code: Select all
set GN_DEFINES=is_component_build=true enable_webrtc=false

And c:\code\chromium_git\chromium\src\cef\create.bat:

Code: Select all
set GN_DEFINES=is_component_build=true enable_webrtc=false

After building and running the sample cefclient.exe, browsing to https://browserleaks.com/webrtc, WebRTC is still enabled and they are able to get various hardware ID's.

Is there somewhere else this change must be made?

I found an interesting post on StackOverflow where someone claims to have turned it off through modification of common.gypi (https://stackoverflow.com/questions/357 ... c-ip-leaks), which is now in a different file path, but at almost 5 hours to compile, I'd like to get validation of the idea of it first, since I don't see any mention of this anywhere else.
tech5678
Techie
 
Posts: 10
Joined: Fri Aug 14, 2020 11:01 am

Next

Return to CefGlue Forum

Who is online

Users browsing this forum: No registered users and 15 guests