using polipo and tor with python mechanize browser reveals ip on one site and not another

Question

I have minimal knowledge of networking. I have discovered a paradox and need advice on how to approach the solution.

Experiment 1: A mechanize browser with a tor/polipo http proxy in a python script makes a request for a URL. The actual IP shows up in the site's log. (UNEXPECTED RESULT: I would like the tor IP to be revealed.)

Experiment 2: A mechanize browser with a tor/polipo http proxy in a python script makes a request for a URL to whatismyip. The tor proxy IP as shows up in the results. (EXPECTED)

Experiment 3: A Firefox browser using the tor proxy is pointed to whatismyip. The same IP as in experiment 2 is revealed. (EXPECTED)

Experiment 4: A Chrome browser with no proxy is pointed to whatismyip and the actual IP of the machine is shown just as in experiment 1. (EXPECTED)

Experiment 5: The HTTP proxy in the system network settings on Mac OS X is set to use the tor/polipo proxy on listening port 8123. The Chrome browser in Experiment 4 now shows the same tor IP as experiment 2 and 3. (EXPECTED)

Tor is running. Polipo is running and configured to use tor port 9050.

My python code:

    import sys, time, os
    from mechanize import Browser
    br = Browser()              # Create a browser
br.set_proxies({"http": "localhost:8123"}) #set proxy
result = br.open(URL)           # Open the login page
print result.read()                     #print resulting output

where

    URL = 'http://affinityehealth.com' | URL = 'http://whatismyip.com'

    #case 1 is able to find the actual IP using the browser in mechanize but not with any other browser using the tor proxy

I am trying to make the point to the administrators of the web site that while logging IP's is useful, it does not prove the physical location of the person checking in. For weeks I have demonstrated using tor that while my physical location does not change, the physical location of the info requester appears to change in the site's logs when I check in via tor.

I would really like my tor IP to show up when I use mechanize to go to this web site in an automated fashion for testing.

I have one last experiment to try and that is setting my system wide proxy setting to tor in the network control panel. I really hate leaving this checked for routine browsing though because it is significantly slower. I only want my python script to use tor via the polipo http proxy.

New to python. New to tor. New to networking so I thank you in advance for being redundantly redundant in your simple explanations.

There must be some difference between 1 and 2 that you aren't mentioning. — Lennart Regebro, Jan 10 '13 at 12:24
Then you have to figure out why tor kicks in in one case, and not the other. If the only difference is the URL, this is not anything that depends on Python. — Lennart Regebro, Jan 10 '13 at 12:30
I wasn't implying it was python. My theory is that tor somehow exposes my actual IP to one web site. Unfortunately I have no way of knowing how that site finds my actual IP. I was hoping somebody might have a suggestion how that site is doing that. — dmmfll, Jan 10 '13 at 12:46
If there really is no difference except the URL it could help if you posted the URL. It could be the that the site tricks your setup to reveal the IP when it see traffic from Tor. — Johan Nilsson, Jan 10 '13 at 12:57
@JohanNilsson: There are such tricks, but hardly on the webserver level, right? So in that case there must also be different types of logs, ie that the log for the first site is not the basic webserver log. Is that correct, user1913726? — Lennart Regebro, Jan 10 '13 at 14:38
@LennartRegebro One simple difference that does the trick in this case is that the first URL redirect to https while no proxy is set for https. — Johan Nilsson, Jan 10 '13 at 15:12
I do know the answer since I have no admin rights on the server. I am just an observer from the outside trying to show somebody that logging IP's are not a way of tracking valid geographic location. The http vs https perhaps holds the key. Thanks! Always nice to have a second or > set of eyes look at a problem. I was focused elsewhere. — dmmfll, Jan 11 '13 at 15:47
Only the first visit of the day is logged. Makes testing difficult! I am certain this is the issue though. Thanks again for helping out a newbie. — dmmfll, Jan 11 '13 at 15:54

score 1 · Accepted Answer · answered Jan 24 '13 at 22:55

1

This works with tor and mechanize:

import socks
import socket
def create_connection(address, timeout=None, source_address=None):
    sock = socks.socksocket()
    sock.connect(address)
    return sock

socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS5, "127.0.0.1", 9050)

# patch the socket module
socket.socket = socks.socksocket
socket.create_connection = create_connection

import urllib2

print urllib2.urlopen('http://icanhazip.com').read()

import mechanize
from mechanize import Browser

br = Browser()
print br.open('http://icanhazip.com').read()

answered Jan 24 '13 at 22:55

dmmfll

2,666
2
35
41

What module does "import socks" refer to? – Marian Sep 16 '14 at 13:58
In [1]: import socks In [2]: socks Out[2]: – dmmfll Sep 17 '14 at 22:01
the socks module is included in sockipy: sourceforge.net/projects/socksipy – dmmfll Jan 27 '15 at 13:31

using polipo and tor with python mechanize browser reveals ip on one site and not another

1 Answers1