Comment 52 for bug 1409142

Andrew Laski (alaski) wrote : Re: Websocket Hijacking Vulnerability in Nova VNC Server (CVE-2015-0259)

The generated value is not persisted anywhere. And if we wanted to look at persisting it, it would need to be shared storage since it's generated on the compute host.

We could do something like min_protocol(novncproxy_, spice_, etc...) where http < https and enforce that the request matches at least the minimum set. Beyond that I'm out of ideas for the moment since communicating the access_url that was decided will require a communication channel between nova-compute and websocketproxy that we don't currently have.
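
The min_protocol idea from the comment above, sketched as an added example that is not part of the original comment or of Nova's code. The function names, the list of configured proxy URLs and the example.test hosts are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Ordering taken from the comment: http < https.
SCHEME_RANK = {"http": 0, "https": 1}


def min_protocol(base_urls):
    """Return the weakest scheme among the configured console proxy URLs."""
    schemes = []
    for url in base_urls:
        scheme = urlsplit(url).scheme.lower()
        if scheme not in SCHEME_RANK:
            raise ValueError("unsupported scheme in %r" % url)
        schemes.append(scheme)
    if not schemes:
        raise ValueError("no console proxy URLs configured")
    return min(schemes, key=SCHEME_RANK.__getitem__)


def origin_meets_minimum(origin_header, base_urls):
    """True if the Origin header's scheme is at least the configured minimum."""
    if not origin_header:
        return False
    scheme = urlsplit(origin_header).scheme.lower()
    if scheme not in SCHEME_RANK:
        # Covers "null", file:// and anything else that is not http(s).
        return False
    return SCHEME_RANK[scheme] >= SCHEME_RANK[min_protocol(base_urls)]


# Constructed sample configuration (hypothetical hosts and paths).
ALL_HTTPS = [
    "https://console.example.test:6080/vnc_auto.html",
    "https://console.example.test:6082/spice_auto.html",
]
MIXED = [
    "https://console.example.test:6080/vnc_auto.html",
    "http://console.example.test:6082/spice_auto.html",
]

if __name__ == "__main__":
    for origin in ("https://console.example.test", "http://console.example.test", "null"):
        print(origin, origin_meets_minimum(origin, ALL_HTTPS), origin_meets_minimum(origin, MIXED))
```

With a mixed configuration the minimum drops to http, so this check is only as strict as the weakest configured proxy URL, and it compares schemes only, not hosts.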