dear, Sure,
i am not checking this at client side i am checking client address at server side and make changes at server side. > On 09-Jun-2019, at 11:13 PM, Mike Jumper <[email protected]> wrote: > > On Sun, Jun 9, 2019, 00:30 Manoj Patil <[email protected] > <mailto:[email protected]>> wrote: > > Dear, > > Because of our employee work from Home and the security reason we kept those > login ip in Mysql server and next time we only allow from that ip next one is > we monitor there working hour also > > Login history is already tracked: > > http://guacamole.apache.org/doc/gug/jdbc-auth.html#jdbc-auth-schema-login-history > > <http://guacamole.apache.org/doc/gug/jdbc-auth.html#jdbc-auth-schema-login-history> > > > hence we make come changes in .JS file > > If login history weren't tracked, JavaScript would not be the place to add > such tracking. Relying on the client side to report its own address or to > enforce restrictions would mean that your solution is vulnerable to tampering. > > Such tracking and enforcement can only safely be done server-side. > > - Mike >
