WebRTC leak
An IP address exposure where WebRTC's connection setup reveals a device's real local or public IP, even when traffic is routed through a proxy or VPN.
WebRTC is the browser standard for real-time audio, video, and peer-to-peer data. To connect two peers it gathers ICE candidates, asking STUN servers for the device's public IP and enumerating local network addresses. The problem is that this discovery can bypass the proxy settings the rest of the browser obeys. A page can trigger candidate gathering with JavaScript and read back IP addresses, so a browser routing all HTTP traffic through a proxy may still disclose the real public IP via WebRTC.
This is one of the most common ways a carefully configured network identity falls apart. For privacy users, it quietly undoes a VPN. For professional setups, it creates a contradiction: the page sees traffic arriving from the proxy's country while WebRTC reports an IP somewhere else, which both leaks the real location and flags the session as inconsistent. Ad verification and geo-testing work depends on the entire network story, including WebRTC, agreeing on one location.
Oculr puts WebRTC under explicit per-profile control: disable it entirely, pass the real values through, or align the reported address with the proxy egress, with the egress IP matched automatically at launch. Combined with the built-in proxy checker and launch guards that stop a profile from opening without its proxy, the WebRTC story stays consistent with the rest of the profile's network identity.
