Overview: WebKit based browsers do not use the FTP proxy settings entered by a user and thus may leak her true IP. This was tested with the latest Webkit nightly (r73302) and Google Chrome (8.0.552.215) on Windows 7, Linux and Mac OS.
Steps to reproduce:
1) Download and install the JonDonym client software (JonDo) from here: https://anonymous-proxy-servers.net/en/software.html
2) Start it, follow the setup wizard and make sure you are connected to a mix cascade (the animated image should look like the fist one found here: https://anonymous-proxy-servers.net/en/help/jap.JAPNewView_anonymometer.html) (if you need a testing account for our premium services as the free ones are overcrowded we could arrange this)
3) Enter the proxy settings (Host: 127.0.0.1) (Port: 4001) for every available protocol.
4) Go to http://what-is-my-ip-address.anonymous-proxy-servers.net
5) You'll see that your true IP got uncovered by FTP (to doublecheck this, click on "START TEST" and you'll see your true IP in the row "What is my IP address?").
WebKit based browsers should respect the entered proxy settings and your true IP should be hidden as it is the case using Firefox, Internet Explorer and Opera.
This issue is below open source WebKit. I'm now moved it to an Apple internal bug tracker. Closing as INVALID per our policy.
Please file a bug against Chromium, as the same issue will need to be fixed separately by them, <http://www.chromium.org/for-testers/bug-reporting-guidelines>.