workspaces-issues
workspaces-issues copied to clipboard
kasmtech
[Bug] - Chrome Extension passes the target URL in clear text causing a web filter to flag it
Existing Resources
- [X ] Please search the existing issues for related problems
- [X ] Consult the product documentation : Docs
- [X ] Consult the FAQ : FAQ
- [X ] Consult the Troubleshooting Guide : Guide
- [X ] Reviewed existing training videos: Youtube
Describe the bug When using the Chrome Extension to open a URL in an isolated browser, it appears that the target URL is passed in clear text through the Extension such that a local web filter can see the target URL and may apply filters based on the target URL.
I work for a company whose web filter alerts when a user makes a "Connection to a Known Embargo Country" and it appears that the web filter flagged my usage based on the URL passed through the Wxtension.
To Reproduce Not sure how to specifically reproduce other than to say that when I try to visit an out-of-bounds site using the extension, it gets flagged by our web filter.
Expected behavior Right-clicking on a URL and using the extension to open an isolated browser in a Kasm Workspace should pass the data in an obfuscated or encrypted format that prevents a web filter from acting on the actual target URL.
Workspaces Version 1.15.0.577587
Workspaces Installation Method Single Server Docker instance on a Ubuntu VM hosted on a Proxmox server
Client Browser (please complete the following information):
- OS: Windows 11
- Browser: Chrome
- Version: 126.0.6478.61
