Closed arm2arm closed 2 years ago
This is intentional and part of the security model. The servers served from a cocalc project can only be accessed by a user signed in who is a collaborator on that project. Most things people would serve from a project introduce major security vulnerabilities (e.g., arbitrary code execution).
You could in theory change your cocalc-docker server to change how cocalc works, since the source code is included. It's also I think possible to run cocalc in an extremely insecure mode where there is only one user, they are admin, and anybody who connects is signed in automatically as that user...
thank you for the explanation, i can see coros issue etc in the Webbrowser console.
we can close this issue, I will suggest users to login first ...
we can close this issue, I will suggest users to login first ...
Sure.
For the record, I'm definitely open to the possibility of projects hosting publicly facing services. However, the way this might work needs some thought, due to security/robustness concerns... Probably https://github.com/sagemathinc/cocalc would be the place for such a ticket.
Oh, one other thought -- a normal user could just open a port on cocalc docker to the outside world, and you could directly connect to that. This would work just like if cocalc wasn't involved at all. Of course, you would have to somehow expose that port via docker, etc., so it's very awkward.
i want to avoid a headache 😃, i will open an temporal accounts and lock them later.
William Stein @.***> schrieb am So., 6. Feb. 2022, 20:45:
Oh, one other thought -- a normal user could just open a port on cocalc docker to the outside world, and you could directly connect to that. This would work just like if cocalc wasn't involved at all. Of course, you would have to somehow expose that port via docker, etc., so it's very awkward.
— Reply to this email directly, view it on GitHub https://github.com/sagemathinc/cocalc-docker/issues/153#issuecomment-1030900586, or unsubscribe https://github.com/notifications/unsubscribe-auth/AARNPM4UADWTBOBN7JYP36LUZ3FT7ANCNFSM5NVVHEFA . You are receiving this because you modified the open/close state.Message ID: @.***>
I got following problem with slides, unable to share publicly the generated slides: http://*:18080/slides.html if user logged in everything works as expected.
Then visiting the URL using non logged browser getting following error:
everything is self hosted in a docker.
what's going wrong here? thanks in advanced.