Traffic that leaks outside of Tor due to iOS limitations
Due to limitations in UIWebView* and iOS, some types of network traffic are handled outside of the scope of the UIWebView (which Onion Browser configures for Tor) or even outside the scope of the app.
(*Note: we cannot use WKWebView as the method currently used to route traffic over Tor is not supported in the newer framework.)
- Media files, such as
<video>tags or direct HTTP(S) requests to media files that iOS can play natively. When playing the media, the request for the file is made over the clear web, and not via Tor.
- WebRTC is also not routed over Tor.
- OCSP certificate verification. OCSP verification is only triggered when visiting an EV "green bar" HTTPS site and is handled by iOS itself. See full description here.
There is no currently-known way to bypass (3).