Hi Team, I hope this message finds you well. I am currently working on the Guacamole project and am seeking your guidance regarding the security of client connections within my Blazor application (using .NET C# and JavaScript).
At present, I am able to successfully establish a connection to Guacamole through the URL format: *https://{guacServer}/#client/{connectionId}?token={authToken}*. However, I am concerned about the security implications of exposing the token in the URL. This increases the risk of unauthorized access if the URL is copied and shared. Additionally, I have encountered a *CORS issue* when attempting to pass the token in the request header instead of the URL. Could you kindly advise on how to mitigate these security concerns, prevent token exposure in the URL, and resolve the CORS issue? Thank you for your time and assistance. Regards, Pavithra
