Closed Bug 1066216 Opened 10 years ago Closed 10 years ago

[SECURITY] Firefox disseminates LAN info to the web servers it accesses

Categories

(Firefox :: Untriaged, defect)

Product:
Firefox
Component:
Untriaged
Version:
31 Branch
Platform:
x86_64
FreeBSD
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 959893

People

(Reporter: yuri, Unassigned)

Details

User Agent: Mozilla/5.0 (X11; FreeBSD amd64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36

Steps to reproduce:

Go to http://www.whatismybrowser.com/


Actual results:

Section "Your local IP addresses" shows my local computer's LAN addresses.


Expected results:

This information is not relevant to the web browsing. The only IP address they should know is the public address on the internet from which the browser connects.
http://net.ipcalf.com/

Can set media.peerconnection.enabled to false as workaround.
Status: UNCONFIRMED → RESOLVED
Closed: 10 years ago
Resolution: --- → DUPLICATE
Note also that it's possible to scan LANs to determine active IPs without WebRTC (<img>-loading failure timing, etc), and likely to infer own-IP.
You need to log in before you can comment on or make changes to this bug.