You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@guacamole.apache.org by "Michael Jumper (JIRA)" <ji...@apache.org> on 2018/04/19 04:15:00 UTC
[jira] [Created] (GUACAMOLE-549) Store auth token within
localStorage
Michael Jumper created GUACAMOLE-549:
----------------------------------------
Summary: Store auth token within localStorage
Key: GUACAMOLE-549
URL: https://issues.apache.org/jira/browse/GUACAMOLE-549
Project: Guacamole
Issue Type: Improvement
Components: guacamole
Reporter: Michael Jumper
The client-side of Guacamole has stored the authentication token for Guacamole's REST services within a cookie called {{GUAC_AUTH}} since roughly 0.9.4, part of the general refactor that occurred migrating from traditional Java servlets to an AngularJS single-page app. Though the cookie is only actually used client-side, it is still a cookie and is thus sent over the network automatically by the browser to the Guacamole server, where it is ultimately received and completely ignored.
This unnecessary use of cookies should be removed and replaced with something more in line with the way the auth token is actually used, such as {{localStorage}}.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)