search

mindedsecurity / behave

Behave! A monitoring browser extension for pages acting as "bad boi"
GNU General Public License v3.0
330 stars 22 forks source link

Firefox (and maybe Edge) details.ip = null causes False Positives #3

Closed wisec closed 4 years ago

wisec commented 4 years ago

Firefox from time to time seems to not populate details.ip and sets it to null. Chrome/Chromium, so far, has always set details.ip.

https://github.com/mindedsecurity/behave/blob/master/background.js#L481

chrome.webRequest.onResponseStarted.addListener(function (details) {
  if (shouldMonitor()) {
    const requestInfo = requestMap[details.requestId];
    if (details.tabId !== -1 && requestInfo) {
      debuglog(details, requestInfo);

      maybeRebinding(details.ip, requestInfo);
[...]

This might lead to False Positives or False Negatives on Firefox - and maybe Edge too.

wisec commented 4 years ago

It might be related to cached content, as I'm observing that when happens details.fromCache is true. I'll keep browsing with Firefox to see if this behavior is coherent.

Cross browser implementations, you gotta love them :sweat_smile:

wisec commented 4 years ago

There you go:

remote/observers/NetworkObserver.jsm:      // remoteAddress is not defined for cached requests.

Edit: or not ..

wisec commented 4 years ago

Fixed