Bug #723


Connects to when tapping on an input field

Added by Zounp . over 1 year ago. Updated about 1 year ago.

Next Release
Start date:
Due date:
% Done:


Estimated time:


Privacy Browser connects to
Connecting to thirdparty services is not what I expect from a privacy browser.
I think this behaviour must be deleted.


Requests Screenshot.png (141 KB) Requests Screenshot.png Soren Stoutner, 05/31/2021 03:00 PM
Autofill Service.png (53.2 KB) Autofill Service.png Soren Stoutner, 05/31/2021 04:47 PM
Actions #1

Updated by Soren Stoutner over 1 year ago

  • Priority changed from 3.x to Next Release

I agree that this is very concerning.

What were you doing in the app when it tried to connect to

What tool are you using to detect that Privacy Browser is attempting to connect to

Actions #2

Updated by Zounp . over 1 year ago

Yes indeed, that is what you need to know.

I use the Netguard firewall on LineageOS 18 (Android 11) to see what is happening.

I will try to reproduce it.
Aha, I think I found it. An website of which I did not expect it.
In the mean time I noticed that, while I was testing with one website, two other domains appeared in the Netguard Privacy Browser section.
Those I have visited before but not while I was testing, nor had they any tabs open and I had Privacy browser exited with the Clear and Exit” section > Clear everything on (active).

I am struggling to understand the exact behavior of Netguard. I need to figure Netguard out before I can continue with reproducing (or not) the findings above.
This can take some time. Expect weeks.

Actions #3

Updated by Soren Stoutner over 1 year ago

Do you see these connections listed in the Requests section of Privacy Browser (see attached screenshot)? If not, that is very concerning, as Privacy Browser should initiate no network traffic that is not listed there. If you do see it, then the blame likely lies with the web developer of the site you are visiting.

I will keep this bug report open until I hear back from you with further information.

Actions #4

Updated by Zounp . over 1 year ago

If you mean: Menu with the 3 horizontal bars > Request-0 then no. I have not seen any entry there as long as I have been using Privacy Browser and looked there.

Actions #5

Updated by Soren Stoutner over 1 year ago

I would be interested in any URL that your firewall shows accessing which isn't listed in Requests.

Out of curiosity, are you using an OS level autofill service (see attached screenshot)? If so, have you allowed it access to Privacy Browser (if the OS service is enabled, Privacy Browser's WebView will prompt you if you want to enable it for the app the first time there is a form that can be saved in Autofill)? If so, it wouldn't surprise me that the Autofill service is making network requests to places like, although I would expect that your firewall would indicate that the request is coming from the OS autofill service and not from Privacy Browser. However, perhaps Autofill somehow indicates to the firewall that the request is being made on behalf of Privacy Browser.

For a little more background on Autofill, see the following two URLs.

Actions #6

Updated by Zounp . over 1 year ago

Thanks for the autofill information.

OS level autofill: No
Settings > Language & input > Autofill service > Autofill service : None

Actions #7

Updated by Soren Stoutner over 1 year ago

OK. So, that's definitely not what's going on.

Actions #8

Updated by Soren Stoutner over 1 year ago

If you can give me an example URL I would be interested in seeing if I can replicate the behavior. Or, is it happening randomly irrespective of the URLs that are loaded?

Actions #9

Updated by Zounp . over 1 year ago

Yes, I can. Giving an URL at this point would be a privacy issue.
I will try if I can reproduce it with an other domain and let you know.

Actions #10

Updated by Soren Stoutner over 1 year ago

  • Status changed from New to Feedback
Actions #11

Updated by No Name over 1 year ago

I analyzed the data traffic:

Every time the browser finds an input field on a web page, it apparently opens a connection to the address Why an autofill service for forms needs to initiate a connection to Google is beyond me. I almost suspect that the call comes about because the Privacy Browser uses the System WebView to display web pages and this causes the call.


GET /v1/pages/ChNDaHJvbWUvOTAuMC40NDMwLjgyEhAJ07mi3Bp4sQoSBQ27V1Zq?alt=proto HTTP/1.1
Connection: close
X-Goog-Encode-Response-If-Executable: base64
X-Goog-Api-Key: dummytoken
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Linux; Android 10; Mi A1 Build/QQ3A.200805.001; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/90.0.4430.82 Mobile Safari/537.36
Accept-Encoding: gzip, deflate
Accept-Language: de-DE,de;q=0.9,en-US;q=0.8,en;q=0.7

HTTP-Response :

HTTP/1.1 400 Bad Request
Vary: Origin
Vary: X-Origin
Vary: Referer
Content-Type: application/x-protobuf
Date: Sun, 20 Jun 2021 18:02:13 GMT
Server: ESF
Cache-Control: private
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" 
Connection: close
Content-Length: 166

/API key not valid. Please pass a valid API key.q

You can reproduce the behaviour if you visit my blog:

The search field triggers the connection to "".

Actions #12

Updated by Soren Stoutner over 1 year ago

  • Subject changed from Connects to Google services to Connects to when tapping on an input field

Thanks for the additional information, which is very helpful. I am currently on vacation and won't be back to the equipment I need to try to replicate the issue until the end of the week. But I have a few questions that might provide useful information.

1. What program are you using to detect the information about the HTTP request and response information? Is it a firewall on your device or a network level proxy?
2. What settings do you have for the OS Autofill service (described above)?
3. Do you see the same behavior with another browser based on WebView like Lightning (
4. Do you see the same behavior with a browser based on Gecko like Fennec (
5. If you have root on your device, do you see this behavior if you replace the default WebView with Bromite's SystemWebView (
6. Please post a copy of your About > Version. It is possible that this only affects certain ROMs, versions of Android, or versions of WebView.

Actions #13

Updated by No Name over 1 year ago

1. I use a network proxy - BurpSuite.
2. Under "System > Languages, inputs & gestures > Advanced -> Autofill services" I selected "No App".
3. Yes, I do.
4. No.
5. I won't change that right now. Sorry.
6. Here are the details:
Android-Version: 10
LineageOS-Version: 17.1-202106622-NIGHTLY-tissot
LineageOS API-Level: llama (9)
Security level: 5. June
Kernel-Version: 4.9.188-perf+

It's a Xiaomi Mi A1 test device.

Actions #14

Updated by No Name over 1 year ago

I want to add my WebView version: 91.0.4472.101

Actions #15

Updated by Zounp . over 1 year ago

Tested once more:
Autofill status: Settings > System > Languages & inputs > Advanced > Autofill service: None
Went to

Privacy browser:
  • Nicely transforms it to
  • Search suggestions appeared. I did not allow in Netguard.
  • When I look in Netguard I see connection attempts on TCP4 & -6 to
  • Same behaviour: Wants to go to
  • Search suggestions appeared. I did not allow in Netguard.
  • No extra connections appeard in Netguard. Only to
  • Search suggestions appeared. I did not allow in Netguard.
Actions #16

Updated by Soren Stoutner over 1 year ago

I am not able to replicate the issue on the following device:

Privacy Browser
Version 3.8 (version code 55)

Brand: google
Manufacturer: Google
Model: Pixel 5
Device: redfin
Bootloader: r3-0.3-7241848
Radio: g7250-00132-210419-B-7294132,g7250-00132-210419-B-7294132

Android: 11 (API 30)
Security Patch: 2021-06-05
Build: RQ3A.210605.005
WebView Provider:
WebView Version: 91.0.4472.120
Orbot: 16.4.1-RC-2-tor.
I2P: 0.9.49
OpenKeychain: 5.7.5

Memory Usage
App Consumed Memory: 13.01 MiB
App Available Memory: 27.43 MiB
App Total Memory: 40.44 MiB
App Maximum Memory: 256.00 MiB
System Consumed Memory: 3,439.48 MiB
System Available Memory: 4,018.25 MiB
System Total Memory: 7,457.73 MiB

EasyList: 202105211708
EasyPrivacy: 202105211708
Fanboy's Annoyance List: 202105212100
Fanboy's Social Blocking List: 202105211708
UltraList: 1
UltraPrivacy: 2

Package Signature
Issuer DN: CN=Android Debug, O=Android, C=US
Subject DN: CN=Android Debug, O=Android, C=US
Start Date: Mar 11, 2015 12:39:21 PM MST
End Date: Mar 3, 2045 12:39:21 PM MST
Certificate Version: 3
Serial Number: 372300976
Signature Algorithm: SHA256withRSA

Specifically, no DNS lookups were ever made to while browsing and, tapping on a field, and doing a search using either Privacy Browser or Lightning.

As both of the people who are experiencing this problem are running LineageOS, I wonder if the issue is with some modification to that ROM. Do either of you have the ability to test a vanilla Android device?

Actions #17

Updated by No Name over 1 year ago

With the FOSS Browser ( I won't see connections to

The browser also uses Android System WebView.

Actions #18

Updated by Soren Stoutner over 1 year ago

Do you see connections to on any device not running LineageOS?

Actions #19

Updated by Soren Stoutner about 1 year ago

  • Status changed from Feedback to Closed

Based on the information that has been provided so far, it appears that something like the following is happening:

1. A user taps on a field on a webpage in Privacy Browser.
2. WebView asks the Autofill service if it would like to provide autofill information.
3. Autofill sees that the None service is selected. On standard Android, Autofill does nothing. However, on LineageOS Autofill sends a request to with `X-Goog-Api-Key: dummytoken`.

It is unclear why LineageOS is doing this. It is likely due to some change they have made to the OS that has this unintended consequence.

Whatever the reason, based on the information above, it appears that this bug should actually be filed with LineageOS instead of with Privacy Browser. As such, I am closing the bug report. Feel free to add a comment if you have any indication that this behavior occurs on ROMs not based on LineageOS and I will reopen the bug.

Actions #20

Updated by Soren Stoutner about 1 year ago

This bug report is mentioned at because, of course, it affects any app using WebView on a LineageOS device.


Also available in: Atom PDF