Closed Bug 1680213 Opened 3 years ago Closed 3 years ago

public IP exposed upon viewing source of a website when using VPN add on

Categories

(WebExtensions :: Request Handling, defect)

Product:
WebExtensions
Component:
Request Handling
Version:
Firefox 83
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 1657916

People

(Reporter: povilas.juodzevicius, Unassigned)

Details

User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36

Steps to reproduce:

  1. Start the NordVPN (v2.21.0, OS X Catalina, 64 bit) add on
  2. Select any country to connect to
  3. Visit https://dnsleaktest.com/ (or any other IP-showing website)
  4. Click view source
  5. Find the original user location and IP address in the source code

Actual results:

The original user IP and location are shown in the view-source:// tab.

Expected results:

The masked user IP and location should be shown in the view-source:// tab.

Shane, is this a dupe of bug 1657916?

Component: Untriaged → Request Handling
Flags: needinfo?(mixedpuppy)
Product: Firefox → WebExtensions

Yes and it is fixed in 84.

Status: UNCONFIRMED → RESOLVED
Closed: 3 years ago
Flags: needinfo?(mixedpuppy)
Resolution: --- → DUPLICATE
Group: firefox-core-security
You need to log in before you can comment on or make changes to this bug.