[Feature]: view-only VNC #410
Comments
|
The view only mode in noVNC can be only set via the query parameters in the URL. So it provides no security at all, since any visitor can just change the URL in the browser to disable it. If you want to shield the machine, the quick fix is to change the password for the Docker user in Windows. This way nobody can login, unless you are already logged in Windows yourself (and will likely notice it as soon as somebody else joins). An even more secure solution would be to enable nginx authentication, that way you cannot even reach the novnc page without password. But this requires a bit more effort to setup, another user created a guide on how to do it: #301 (comment) |
|
Thanks @kroese
Got it. The nginx way is good for me. |
Is your proposal related to a problem?
I use dockur in GitHub actions to do some E2E tests, with custom
win11x64.xml.I want to observe the status from VNC, while I hope the VNC is view-only because the GitHub actions is public.
Describe the solution you'd like.
I guess it's possible:
https://github.com/novnc/noVNC/blob/9a1b1f0d06567739251314a3b67ac5c432ecad47/docs/EMBEDDING.md?plain=1#L56
I hope there will be a new environment variable to control it:
docker run -e VNC_VIEW_ONLY=yesOr simply add a new view-only VNC port
Describe alternatives you've considered.
none
Additional context
No response
The text was updated successfully, but these errors were encountered: