[tor-onions] Connection to a hidden service with a RFC 6455 web-socket - advice on risks please

6 Mar 2018


      I have connected to my hidden service with RFC 6455 web-socket and feel 
like a kid in a candy store streaming API requests and return data back 
and forth at good, reliable speeds. My concern is that I am missing 
something here.....
My mental model is that, once the connection and http upgrade request is 
established, TOR sees this as a long running http request and will will 
not close the circuit or change the route until the either side breaks 
the connection.
I would appreciate if someone could comment:
1) Am I correct in my mental model?
2) Am I perpetrating a security anti-pattern by holding the connection 
open indeterminately?
Thanks in advance.

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

[tor-onions] Connection to a hidden service with a RFC 6455 web-socket - advice on risks please