CEF Forum

Hi, can you help me, how can i disable WebRTC ? i set proxy in settings, go to whoer.net and find my real ip in WebRTC. I try to disable it, but it doesnt work

Code: Select all

settings.CefCommandLineArgs.Add("proxy-bypass-list", "127.*,192.168.*,10.10.*,193.9.162.*");
              settings.CefCommandLineArgs.Add("proxy-server", "socks5://189.102.64.13:65000");
          //  settings.CefCommandLineArgs.Add("webrtc.ip_handling_policy", "false");
            settings.CefCommandLineArgs.Add("webrtc.multiple_routes_enabled", "false");
            settings.CefCommandLineArgs.Add("webrtc.nonproxied_udp_enabled", "false");
            settings.CefCommandLineArgs.Add("webrtc.ip_handling_policy", "disable_non_proxied_udp");
            settings.CefCommandLineArgs.Add("enable-media-stream", "0");
            settings.CefCommandLineArgs.Add("enable_webrtc", "0");
  Cef.Initialize(settings);

Can you help me ?

WebRTC is disabled by default in CEF unless you pass enable-media-stream flag.

Czarek wrote:WebRTC is disabled by default in CEF unless you pass enable-media-stream flag.

if WebRTC is disabled by default why when i go to site whoer.net with proxy he show my real ip ?
code :

Code: Select all

settings.CefCommandLineArgs.Add("proxy-bypass-list", "127.*,192.168.*,10.10.*,193.9.162.*");
              settings.CefCommandLineArgs.Add("proxy-server", "socks5://5.51.249.68:16067");
          //  settings.CefCommandLineArgs.Add("webrtc.ip_handling_policy", "false");
            //settings.CefCommandLineArgs.Add("webrtc.multiple_routes_enabled", "false");
            //settings.CefCommandLineArgs.Add("webrtc.nonproxied_udp_enabled", "false");
            //settings.CefCommandLineArgs.Add("webrtc.ip_handling_policy", "disable_non_proxied_udp");
            //settings.CefCommandLineArgs.Add("enable-media-stream", "0");
            //settings.CefCommandLineArgs.Add("enable_webrtc", "0");

            // Initialize cef with the provided settings
            Cef.Initialize(settings);
              // Create a browser component
            chromeBrowser = new ChromiumWebBrowser("https://whoer.net/");

Are you referring to viewtopic.php?f=14&t=13350&start=10#p30993 ?

"webrtc.ip_handling_policy" is a preference that must be set using CefRequestContext::SetPreference.

magreenblatt wrote:Are you referring to http://magpcss.org/ceforum/viewtopic.ph ... =10#p30993 ?

"webrtc.ip_handling_policy" is a preference that must be set using CefRequestContext::SetPreference.

pls, can you create a example ? i dont know how use CefRequestContext::SetPreference

casper wrote:

magreenblatt wrote:Are you referring to viewtopic.php?f=14&t=13350&start=10#p30993 ?

"webrtc.ip_handling_policy" is a preference that must be set using CefRequestContext::SetPreference.

pls, can you create a example ? i dont know how use CefRequestContext::SetPreference

I'll let fddima answer your question since I'm not familiar with CefGlue.

The only reliable way to completely disable WebRTC is do private CEF build with GN_DEFINE [c]enable_webrtc=false[/c].


If you don't want to rely on private builds or want enable/disable it dynamically - you can prepare custom request context (never tried it on global context, may be works too?).

Code: Select all

                    // Disables leaking of IPs via WebRTC on standard CEF builds.
                    {
                        // This options obsoleted from Chromium M50, but still exists in source. (Actually they are no more exist on fresh builds (55+?.)
                        cefRequestContext.SetPreferenceIfCan("webrtc.multiple_routes_enabled", false);
                        cefRequestContext.SetPreferenceIfCan("webrtc.nonproxied_udp_enabled", false);

                        // Values:
                        // See webrtc_ip_handling_policy.h for description.
                        // default
                        // default_public_and_private_interfaces
                        // default_public_interface_only
                        // disable_non_proxied_udp
                        cefRequestContext.SetPreferenceIfCan("webrtc.ip_handling_policy", "disable_non_proxied_udp");

                        // media.device_id_salt is chrome-only preference, so there is no way to randomize device ids.
                    }


SetPreferenceIfCan is my extension method, which doesn't generate error if can't set preference (in my case this happens on private builds with webrtc_enabled=false => no rtc => no preferences exist). So, basically you should choose proper ip_handling_policy. After discovering options, you see that there is still exist some cases when it is can work anyway (but any local addresses should be hidden in that case).

Also in that case device ids still may leak. Because device ids can be used for intelligent user tracking, from my understanding - is the only way to deal with them, is completely disable webrtc. Note, that having always random device IDs on each near-persistent user session also subject for user "banning". So if you trying to be anonymous: it is better doesn't provide any info, rather than provide random info.

if I understand you correctly, then you need to rebuild your project with pre-disabled webrtc ? And it is possible to install chrome extension for cefsharp ? for example https://chrome.google.com/webstore/detail/webrtc-network-limiter/npeicpdbkakmehahjeeohfdhnlpdklia

casper wrote:if I understand you correctly, then you need to rebuild your project with pre-disabled webrtc ? And it is possible to install chrome extension for cefsharp ? for example https://chrome.google.com/webstore/detail/webrtc-network-limiter/npeicpdbkakmehahjeeohfdhnlpdklia

Special build of CEF only. Any bindings what match to same CEF version should keep work without any changes.

fddima wrote:The only reliable way to completely disable WebRTC is do private CEF build with GN_DEFINE [c]enable_webrtc=false[/c].

[...] Also in that case device ids still may leak. Because device ids can be used for intelligent user tracking, from my understanding - is the only way to deal with them, is completely disable webrtc. Note, that having always random device IDs on each near-persistent user session also subject for user "banning". So if you trying to be anonymous: it is better doesn't provide any info, rather than provide random info.

I modified c:\code\chromium_git\update.bat as follows:

Code: Select all

set GN_DEFINES=is_component_build=true enable_webrtc=false

And c:\code\chromium_git\chromium\src\cef\create.bat:

Code: Select all

set GN_DEFINES=is_component_build=true enable_webrtc=false

After building and running the sample cefclient.exe, browsing to https://browserleaks.com/webrtc, WebRTC is still enabled and they are able to get various hardware ID's.

Is there somewhere else this change must be made?

I found an interesting post on StackOverflow where someone claims to have turned it off through modification of common.gypi (https://stackoverflow.com/questions/357 ... c-ip-leaks), which is now in a different file path, but at almost 5 hours to compile, I'd like to get validation of the idea of it first, since I don't see any mention of this anywhere else.