Skip to content
WebRTC leak detection and validation for privacy concerns
JavaScript HTML
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.
index.html Oops misspelling Mar 18, 2018


WebRTC can be used to detect your local IP address without any consent, which has led to it being recommended for use cases that have nothing to do with Real-Time Communication (such as being the StackOverflow-accepted way of getting a user's local IP address in a Chrome Extension).

In some browsers, however, local IP addresses are only exposed if camera and/or microphone access has been granted, which gives the user agency over their privacy, but might complicate some legitimate use cases for WebRTC.

Demo website is here. The website asks for permission to access microphone. On Safari, we see that if this permission is denied then the page does not get host IP addresses. However, on Firefox and Chrome, user permission with respect to camera/video does not matter - the page JavaScript can access your private IP address anyway using WebRTC.

All JavaScript is client-side - we do not send your IP address anywhere. The code is open source for your browsing pleasure.

See also


webrtc-privacy is an Open Source project made available by the project and contributors under the terms of the MIT license.

Copyright (c) 2018

Licensed under the MIT license.

You can’t perform that action at this time.