add advanced webrtc IP handling preference

fix #13668 Test Plan: 1. go to about:preferences#advanced 2. at the bottom, it should show a webrtc policy select menu which defaults to 'default' 3. turn on fingerprinting protection to 'block all' 4. go to https://browserleaks.com/webrtc. it should not show any IPs 5. turn off fingerprinting protection on that page. now it should show IPs 6. in about:preferences#advanced, set webrtc policy to 'default public interface only' 7. reload https://browserleaks.com/webrtc. it should only show the public IP. 8. in about:preferences#advanced, set webrtc policy to 'disable non-proxied UDP' 9. reload https://browserleaks.com/webrtc. it should show no IPs. 10. in about:preferences#advanced, set webrtc policy to 'default public and private interfaces' 11. reload https://browserleaks.com/webrtc. it should show both IPs.
brave · Apr 4, 2018 · 074e87b · 074e87b
1 parent 6c7791c
commit 074e87b
Show file tree

Hide file tree

Showing 6 changed files with 74 additions and 7 deletions.
diff --git a/app/browser/reducers/tabsReducer.js b/app/browser/reducers/tabsReducer.js
@@ -5,10 +5,13 @@
 'use strict'
 
 const appConfig = require('../../../js/constants/appConfig')
+const webrtcConstants = require('../../../js/constants/webrtcConstants')
 const appConstants = require('../../../js/constants/appConstants')
+const settings = require('../../../js/constants/settings')
 const tabs = require('../tabs')
 const windows = require('../windows')
 const {getWebContents} = require('../webContentsCache')
+const {getSetting} = require('../../../js/settings')
 const {BrowserWindow} = require('electron')
 const tabState = require('../../common/state/tabState')
 const siteSettings = require('../../../js/state/siteSettings')
@@ -26,23 +29,27 @@ const {frameOptsFromFrame} = require('../../../js/state/frameStateUtil')
 const {isSourceAboutUrl, isTargetAboutUrl, isNavigatableAboutPage} = require('../../../js/lib/appUrlUtil')
 const {shouldDebugTabEvents} = require('../../cmdLine')
 
-const WEBRTC_DEFAULT = 'default'
-const WEBRTC_DISABLE_NON_PROXY = 'disable_non_proxied_udp'
-
 const getWebRTCPolicy = (state, tabId) => {
+  const webrtcSetting = getSetting(settings.WEBRTC_POLICY)
+  if (webrtcSetting !== webrtcConstants.default) {
+    // Global webrtc setting overrides fingerprinting shield setting
+    return webrtcSetting
+  }
+
   const tabValue = tabState.getByTabId(state, tabId)
   if (tabValue == null) {
-    return WEBRTC_DEFAULT
+    return webrtcConstants.default
   }
+
   const allSiteSettings = siteSettingsState.getAllSiteSettings(state, tabValue.get('incognito') === true)
   const tabSiteSettings =
     siteSettings.getSiteSettingsForURL(allSiteSettings, tabValue.get('url'))
   const activeSiteSettings = siteSettings.activeSettings(tabSiteSettings, state, appConfig)
 
   if (!activeSiteSettings || activeSiteSettings.fingerprintingProtection !== true) {
-    return WEBRTC_DEFAULT
+    return webrtcConstants.default
   } else {
-    return WEBRTC_DISABLE_NON_PROXY
+    return webrtcConstants.disableNonProxiedUdp
   }
 }
 

diff --git a/app/extensions/brave/locales/en-US/preferences.properties b/app/extensions/brave/locales/en-US/preferences.properties
@@ -106,11 +106,11 @@ dashboardShowImages=Show images
 dashlane=Dashlane&reg; (requires application)
 date=Date
 default=Default
-default=Default
 defaultBrowser=Brave is your default browser.
 defaultWalletStatus=Thanks for helping support your favorite websites!
 defaultZoomLevel=Default zoom level
 deletedSitesHeader=Deleted Sites
+disableNonProxiedUdp=Disable non-proxied UDP
 disableTitleMode=Always show the URL bar
 disconnect=Disconnect
 dollarsPaid=Amount
@@ -262,6 +262,8 @@ promotionClaimedErrorMessage=The promotion has ended.
 promotionClaimedErrorText=There may be additional Basic Attention Token promotions in the future so stay tuned
 promotionClaimedErrorTitle=Sorry!
 protocolRegistrationPermission=Protocol registration
+publicOnly=Default public interface only
+publicPrivate=Default public and private interfaces
 publisher=Site
 publisherMediaName={{publisherName}} on {{provider}}
 publishers=Publishers
@@ -388,6 +390,8 @@ viewPaymentHistory= {{date}}
 views=Views
 visit=visit
 visits=Visits
+webrtcPolicy=WebRTC IP Handling Policy
+webrtcPolicyExplanation=What do these policies mean?
 wideURLbar=Use wide URL bar
 widevine=Run Google Widevine
 widevineSection=Google Widevine Support
diff --git a/app/renderer/components/preferences/advancedTab.js b/app/renderer/components/preferences/advancedTab.js
@@ -11,6 +11,7 @@ const locale = require('../../../../js/l10n')
 
 // Actions
 const {getSetting} = require('../../../../js/settings')
+const aboutActions = require('../../../../js/about/aboutActions')
 
 // Components
 const {SettingsList, SettingItem, SettingCheckbox} = require('../common/settings')
@@ -19,6 +20,7 @@ const {DefaultSectionTitle} = require('../common/sectionTitle')
 
 // Constants
 const settings = require('../../../../js/constants/settings')
+const webrtcConstants = require('../../../../js/constants/webrtcConstants')
 const {scaleSize} = require('../../../common/constants/toolbarUserInterfaceScale')
 
 // Utils
@@ -153,6 +155,30 @@ class AdvancedTab extends ImmutableComponent {
           />
           {this.spellCheckLanguages}
         </SettingsList>
+        <DefaultSectionTitle data-l10n-id='webrtcPolicy' />
+        <SettingsList>
+          <SettingDropdown
+            value={(
+              getSetting(settings.WEBRTC_POLICY, this.props.settings)
+            )}
+            onChange={changeSetting.bind(
+              null,
+              this.props.onChangeSetting,
+              settings.WEBRTC_POLICY
+            )}>
+            {
+              Object.keys(webrtcConstants)
+                .map((policy) => <option data-l10n-id={policy} value={webrtcConstants[policy]} />)
+            }
+          </SettingDropdown>
+          <span
+            className={css(styles.link)}
+            data-l10n-id='webrtcPolicyExplanation'
+            onClick={aboutActions.createTabRequested.bind(null, {
+              url: 'https://cs.chromium.org/chromium/src/content/public/common/webrtc_ip_handling_policy.h'
+            })}
+          />
+        </SettingsList>
       </main>
       <footer className={css(styles.moreInfo)}>
         <div data-l10n-id='requiresRestart' className={css(commonStyles.requiresRestart)} />
@@ -179,6 +205,12 @@ const styles = StyleSheet.create({
     marginLeft: '5px'
   },
 
+  link: {
+    cursor: 'pointer',
+    fontSize: '14px',
+    textDecoration: 'underline'
+  },
+
   moreInfo: {
     display: 'flex',
     flex: 1,

diff --git a/js/constants/appConfig.js b/js/constants/appConfig.js
@@ -3,6 +3,7 @@
  * You can obtain one at http://mozilla.org/MPL/2.0/. */
 const Immutable = require('immutable')
 const {getTargetAboutUrl} = require('../lib/appUrlUtil')
+const webrtcConstants = require('./webrtcConstants')
 
 // BRAVE_UPDATE_HOST should be set to the host name for the auto-updater server
 const updateHost = process.env.BRAVE_UPDATE_HOST || 'https://laptop-updates.brave.com'
@@ -213,6 +214,7 @@ module.exports = {
     'advanced.toolbar-ui-scale': 'normal',
     'advanced.swipe-nav-distance': 101,
     'advanced.payments-allow-promotions': true,
+    'advanced.webrtc.policy': webrtcConstants.default,
     'shutdown.clear-history': false,
     'shutdown.clear-downloads': false,
     'shutdown.clear-cache': false,

diff --git a/js/constants/settings.js b/js/constants/settings.js
@@ -83,6 +83,7 @@ const settings = {
   TOOLBAR_UI_SCALE: 'advanced.toolbar-ui-scale',
   SWIPE_NAV_DISTANCE: 'advanced.swipe-nav-distance',
   PAYMENTS_ALLOW_PROMOTIONS: 'advanced.payments-allow-promotions',
+  WEBRTC_POLICY: 'advanced.webrtc.policy',
   // Sync settings
   SYNC_ENABLED: 'sync.enabled',
   SYNC_DEVICE_NAME: 'sync.device-name',

diff --git a/js/constants/webrtcConstants.js b/js/constants/webrtcConstants.js
@@ -0,0 +1,21 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+// https://developer.chrome.com/extensions/privacy#type-IPHandlingPolicy
+// see src/content/public/common/webrtc_ip_handling_policy.h for descriptions
+module.exports = {
+  // This is the default behavior of Chrome. Currently, WebRTC has the right to
+  // enumerate all interfaces and bind them to discover public interfaces.
+  default: 'default',
+  // WebRTC should only use the default route used by http. This also exposes
+  // the  associated default private address. Default route is the route chosen
+  // by the OS on a multi-homed endpoint.
+  publicPrivate: 'default_public_and_private_interfaces',
+  // WebRTC should only use the default route used by http. This doesn't
+  // expose any local addresses.
+  publicOnly: 'default_public_interface_only',
+  // WebRTC should only use TCP to contact peers or servers unless the proxy
+  // server supports UDP. This doesn't expose any local addresses either.
+  disableNonProxiedUdp: 'disable_non_proxied_udp'
+}