Skip to content


Subversion checkout URL

You can clone with
Download ZIP
An open-source, privacy-enhancing web browser for iOS, utilizing the Tor anonymity network
Objective-C HTML Shell C
Fetching latest commit...
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.


Onion Browser

Official Site | Support
© 2012 Mike Tigas (@mtigas)
MIT License

A minimal, open-source web browser for iOS that tunnels web traffic through the Tor network. See the official site for more details and App Store links.

Technical notes

  • OnionBrowser: 1.2.0 (20120510.1)
  • Tor: (Apr 30 2012)
  • libevent: 2.0.19-stable (May 03 2012)
  • OpenSSL: 1.0.1c (May 10 2012)

The app, when compiled, contains static library versions of Tor and it's dependencies, libevent and openssl.

The build scripts for Tor and these dependencies are based on from x2on/OpenSSL-for-iPhone. The scripts are configured to compile universal binaries for armv7 and i386 (for the iOS Simulator).

The tor script patches one file in Tor (src/common/compat.c) to remove references to ptrace() and _NSGetEnviron(). This first is only used for the DisableDebuggerAttachment feature (default: True) implemented in Tor (See changelog and manual.) ptrace() and _NSGetEnviron() calls are not allowed in App Store apps; apps submitted with ptrace() symbols are rejected on upload by Apple's auto-validation of the uploaded binary. (The _NSGetEnviron() code does not even compile when using iPhoneSDK due to that function being undefined.) See the patch files in build-patches/ if you are interested in the changes.

Because iOS applications cannot launch subprocesses or otherwise execute other binaries, the tor client is run in-process in a NSThread subclass which executes the tor_main() function (as an external tor executable would) and attempts to safely wrap Tor within the app. (libor.a and libtor.a, intermediate binaries created when compiling Tor, are used to provide Tor.) Side-effects of this method have not yet been fully evaluated. Management of most tor functionality (status checks, reloading tor on connection changes) is handled by accessing the Tor control port in an internal, telnet-like session from the AppDelegate.

The app uses a NSURLProtocol subclass (ProxyURLProtocol), registered to handle HTTP/HTTPS requests. That protocol uses the CKHTTPConnection class which nearly matches the NSURLConnection class, providing wrappers and access to the underlying CFHTTP Core Framework connection bits. This connection class is where SOCKS5 connectivity is enabled. (Because we are using SOCKS5, DNS requests are sent over the Tor network, as well.)

(I had WireShark packet logs to support the claim that this app protects all HTTP/HTTPS/DNS traffic in the browser, but seem to have misplaced them. You'll have to take my word for it or run your own tests.)

The app uses Automatic Reference Counting (ARC) and was developed against iOS 5.X. (It may work when building against iOS 4.X, since most of the ARC behavior exists in that older SDK, with the notable exception of weakrefs.)


  1. Build dependencies via command-line
  2. Build application in XCode

Building dependencies

cd to the root directory of this repository and then run these commands in the following order to build the dependencies. (This can take anywhere between five and thirty minutes depending on your system speed.)

bash OnionBrowser/icon/

This should create a dependencies directory in the root of the repository, containing the statically-compiled library files.


Open OnionBrowser/OnionBrowser.xcodeproj. You should be able to compile and run the application at this point. (The app is compatible with armv7 and i386 targets, meaning that all iOS 5.0 devices and the iPhone/iPad Simulators should be able to run the application.)

Something went wrong with that request. Please try again.