[tor-onions] Connection to a hidden service with a RFC 6455 web-socket - advice on risks please

Michael Jonker michael at openpoint.ie
Tue Mar 6 16:55:05 UTC 2018


I have connected to my hidden service with RFC 6455 web-socket and feel 
like a kid in a candy store streaming API requests and return data back 
and forth at good, reliable speeds. My concern is that I am missing 
something here.....

My mental model is that, once the connection and http upgrade request is 
established, TOR sees this as a long running http request and will will 
not close the circuit or change the route until the either side breaks 
the connection.


I would appreciate if someone could comment:

1) Am I correct in my mental model?

2) Am I perpetrating a security anti-pattern by holding the connection 
open indeterminately?


Thanks in advance.




More information about the tor-onions mailing list