Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[FEATURE] Web Egress: Additional query parameter support (secret) #801

Open
coonmoo opened this issue Nov 2, 2024 · 0 comments
Open

[FEATURE] Web Egress: Additional query parameter support (secret) #801

coonmoo opened this issue Nov 2, 2024 · 0 comments
Labels
enhancement New feature or request help wanted Extra attention is needed

Comments

@coonmoo
Copy link

coonmoo commented Nov 2, 2024

Problem

We are currently using Web Egress to record a web page which requires passing an access token via an url query parameter for authentication. We observed that the full URL (including the access token) can be retrieved via the Livekit Cloud Egress dashboard.

The access token query parameter is sensitive and should never be logged or stored.

Solution

Introduce a new parameter sensitive_query_params or similar on the WebEgress request API endpoint. This parameter shouldn't be logged or stored and will get appended to the url when starting the Web Egress.

This would allow us to pass the access token query parameter to the web page without having to worry that it will be exposed to users having access to the Livekit cloud dashboard.
@coonmoo coonmoo added enhancement New feature or request help wanted Extra attention is needed labels Nov 2, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@coonmoo