Michael Jumper created GUACAMOLE-549:
----------------------------------------
Summary: Store auth token within localStorage
Key: GUACAMOLE-549
URL: https://issues.apache.org/jira/browse/GUACAMOLE-549
Project: Guacamole
Issue Type: Improvement
Components: guacamole
Reporter: Michael Jumper
The client-side of Guacamole has stored the authentication token for
Guacamole's REST services within a cookie called {{GUAC_AUTH}} since roughly
0.9.4, part of the general refactor that occurred migrating from traditional
Java servlets to an AngularJS single-page app. Though the cookie is only
actually used client-side, it is still a cookie and is thus sent over the
network automatically by the browser to the Guacamole server, where it is
ultimately received and completely ignored.
This unnecessary use of cookies should be removed and replaced with something
more in line with the way the auth token is actually used, such as
{{localStorage}}.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
