Comment 4 for bug 1927677
Revision history for this message
| melanie witt (melwitt) wrote Re: novnc allowing open direction which could potentially be used for phishing | #4 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
73416ba
(Get the code!)
> I'm going to add noVNC to this bug to get their input about the redirect behavior.
Looks like I can't do that because noVNC and websockify use github issues and those can't be private security. But if it is indeed an issue in noVNC or websockify, then it is probably OK to go ahead and report it publicly in those projects.
I'm going to do some local testing to determine whether this redirect is something we could intercept and handle or if it happens before we (websockify plugin) are called. If it doesn't appear we can intercept it, we can switch this to public and I can report an issue for noVNC or websockify on github.