Reputation: 37
Our web application relies on accessing the private IP of the computer on which the browser is running. (The computers are running in a private network without Internet access so we are not concerned with the security risk.)
We previously achieved this by disabling the flag enable-webrtc-hide-local-ips-with-mdns (menu option 'Anonymize local IPs exposed by WebRTC') in Microsoft Edge. The same flag was available in Chrome.
But it seems this option has been removed in a recent Chromium update as I can no longer find the flag in either Chrome or Edge.
Is there a workaround to this where I can achieve the same thing, i.e. allow the private IP to be accessed by the browser?
Upvotes: 0
Views: 5248
Reputation: 5651
If you are on the same network as the client, you can obtain the client's IP address from mDNS, just like the browsers do. The procedure is explained in https://datatracker.ietf.org/doc/html/draft-ietf-rtcweb-mdns-ice-candidates-04
In short, whenever you receive a candidate with a connection-address that ends in .local, resolve the address using mDNS. If you are on the same network as the client, this will yield you the client's IP address. If you are not on the same network, then this will yield no result, which is the desired result for privacy reasons.
Note that this protocol is not secure: an attacker on the local network might answer all mDNS queries with its own address, which will cause you to connect to the attacker. You must therefore take care to authenticate the client once you've obtained its address.
Upvotes: 1
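The procedure in the answer above, as an added example that is not part of the original post: it parses an ICE candidate line, resolves a connection-address ending in .local, and keeps the result only if it falls inside an expected subnet. The `allowed_net` parameter, the helper names, the sample candidate line and the stand-in resolver are assumptions made for illustration; real resolution assumes the OS resolver handles .local names.

```python
import ipaddress
import socket

def parse_candidate(line):
    """Extract the fields of an ICE candidate-attribute that matter here."""
    fields = line.strip().split()
    if fields and fields[0].startswith("a="):
        fields[0] = fields[0][2:]
    if len(fields) < 8 or not fields[0].startswith("candidate:") or fields[6] != "typ":
        raise ValueError("not an ICE candidate line")
    return {"address": fields[4], "port": int(fields[5]), "type": fields[7]}

def os_resolver(name):
    # Assumption: the OS resolver answers .local names over mDNS
    # (e.g. nss-mdns on Linux, Bonjour on macOS).
    return sorted({info[4][0] for info in socket.getaddrinfo(name, None)})

def candidate_address(line, allowed_net, resolve=os_resolver):
    """Return the candidate's IP if it lies inside allowed_net, else None."""
    address = parse_candidate(line)["address"]
    if address.lower().endswith(".local"):
        try:
            answers = resolve(address)
        except OSError:        # no mDNS answer: client is not on this network
            return None
    else:
        answers = [address]    # the browser exposed a literal IP
    net = ipaddress.ip_network(allowed_net)
    for answer in answers:
        try:
            ip = ipaddress.ip_address(answer)
        except ValueError:
            continue
        # Sanity filter only: an on-link attacker can answer with an address
        # in this range too, so the client must still be authenticated.
        if ip in net:
            return str(ip)
    return None

# Constructed sample input and a stand-in resolver so the example runs offline.
SAMPLE = "candidate:1 1 udp 2113937151 3b1f8c2e-5d4a-4e6f-9a7b-0c1d2e3f4a5b.local 54596 typ host"

def fake_resolver(answers):
    def resolve(name):
        if not answers:
            raise OSError("no mDNS answer")
        return answers
    return resolve

if __name__ == "__main__":
    print(candidate_address(SAMPLE, "10.0.0.0/24", fake_resolver(["10.0.0.23"])))
```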