LizardByte
Disable HTTP Auth on WebUI for localhost. #995
-
Select Topic AreaFeature Request BodyHi. I have a problem with the http auth of the UI. Chrome store the credentials in the passwd-manager, works fine. Since i moved to the Brave Browser this doesn't work. Brave won't save the pass for unsafe pages, whatever i set in the website settings for localhost. I tried to import the credentials to braves password manager by a CSV file. It is in the password manager but the browser ignore it. It would be nice if you can add an config option to disable http auth if the UI is opened on the sunshine host machine. I stream only in my LAN and my firewall is closed. Or otherwise, setting the URL that will be opened in the Browser should be changeable in the config. So i can use a url like: https://user:pass@localhost:47990 or something. I also tried to add the sunshine cert to the trusted certs in tht Windows cert manager but don't work. My knowledge is not so big on that stuff. And sorry for my bad english. andy |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 2 replies
-
|
There will be no features added that intentionally reduce security. |
Beta Was this translation helpful? Give feedback.
-
|
I understand. For WAN use this is unsecure i know. But if the UI webserver is set to allow access only from localhost why i need authentification? Can't you limit the disable_ui_auth only for this setup? If LAN or ALL is set, always need auth. Hmm ok. Then i tunnel it with vpn to my remote server and use nginx as reverse proxy. With a letsencrypt cert the browser will save the credentials. I hope. Sorry it was just a question. I agree with your security policy. There are to many people accidently open holes without knowing it. Btw. Very good Software. My old computer work easy with it. Thanks. |
Beta Was this translation helpful? Give feedback.
-
|
There's been enough vulnerabilities exposed, some did not even require exposing to the internet. https://github.com/LizardByte/sunshine/security/advisories?state=published The big problem with loosing security is if anyone gains access to Sunshine, they will be able to gain complete control of the system. |
Beta Was this translation helpful? Give feedback.
There will be no features added that intentionally reduce security.