PRIVACY ISSUE

Single word searches inputted directly into the address bar are leaked over LLMNR (Link-Local Multicast Name Resolution) to local network.

In a windows environment making use of LLMNR (Link-Local Multicast Name Resolution) single word search terms entered directly into the address bar cause a LLMNR name query to be sent over the local multicast local link. The result of this is that I can see occasional search terms from other machines within my local network (applies to incognito browsing also).

VERSION:
Chrome Version:  66.0.3359.139 (Official Build) (64-bit)
Operating System: Microsoft Windows 10 Education Version10.0.14393 Build 14393

REPRODUCTION STEPS

Within a standard windows environment using LLMNR start a wireshark capture using the search term 'llmnr'.
Open a chrome browser on a machine in the same multicast domain and enter a single word search term directly into the address bar. If llmcnr is enabled on the client machine a multicast packet containing the search term will be broadcast.

I believe this is because for single word search terms chrome does not know if the single-word is a 'search' or a 'hostname' and so requests a lookup from the OS name resolution stack, however this behavior is not seen in either edge or Firefox.
 

Deleted: llmcnr_search_leak.png 193 KB

	llmcnr_search_leak.png 193 KB View Download