Comment 48 for bug 1409142
Revision history for this message
| Dave McCowan (dave-mccowan) wrote Re: Websocket Hijacking Vulnerability in Nova VNC Server (CVE-2015-0259) | #48 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
(Get the code!)
@tristan: yes to both. when I said "noVNC" I meant "websocketproxy". i will work to amend the patch to check the proto. I am hoping a nova guru will help me design the fix to give websockproxy access to the access_url.