SOCKS5 proxy
A protocol-agnostic proxy standard that relays TCP and UDP traffic at the session layer, with support for authentication and remote DNS resolution.
SOCKS5 is the fifth version of the SOCKS proxy protocol. Unlike an HTTP proxy, which understands and can modify web requests, a SOCKS5 proxy relays raw connections without inspecting them, which makes it work for any TCP or UDP traffic, not just websites. The protocol adds username and password authentication and, importantly, remote DNS: the proxy can resolve domain names itself, so lookups happen at the proxy's location instead of leaking from the client's network.
For browser work, SOCKS5 has two practical advantages. Protocol independence means everything the browser does, including WebSocket connections and other non-HTTP traffic, can travel through the same tunnel. Remote DNS closes a subtle gap: if the browser resolves names locally while sending traffic through a proxy, DNS queries reveal both the user's resolver and the sites being visited, and the resolved server may be region-inappropriate. Most proxy providers expose both HTTP and SOCKS5 endpoints, so the choice is usually configuration, not cost.
Oculr supports SOCKS5 alongside HTTP, HTTPS, SOCKS4, and SSH as per-profile proxy types, with authenticated proxies handled through a local sidecar. Profiles can also set custom DNS per profile, so name resolution matches the rest of the network identity.
