You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@guacamole.apache.org by "Michael Jumper (JIRA)" <ji...@apache.org> on 2018/04/19 04:15:00 UTC

[jira] [Created] (GUACAMOLE-549) Store auth token within localStorage

Michael Jumper created GUACAMOLE-549:
----------------------------------------

             Summary: Store auth token within localStorage
                 Key: GUACAMOLE-549
                 URL: https://issues.apache.org/jira/browse/GUACAMOLE-549
             Project: Guacamole
          Issue Type: Improvement
          Components: guacamole
            Reporter: Michael Jumper


The client-side of Guacamole has stored the authentication token for Guacamole's REST services within a cookie called {{GUAC_AUTH}} since roughly 0.9.4, part of the general refactor that occurred migrating from traditional Java servlets to an AngularJS single-page app. Though the cookie is only actually used client-side, it is still a cookie and is thus sent over the network automatically by the browser to the Guacamole server, where it is ultimately received and completely ignored.

This unnecessary use of cookies should be removed and replaced with something more in line with the way the auth token is actually used, such as {{localStorage}}.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)