Thanks again for the clarification. So to restate, the novnc maintainers recommend using websockify in a way which exposes authentication tokens in logs, and don't provide any means of mitigating the resulting credential leak. This puts consumers of their software in an unfortunate position, and suggests that we should not continue to encourage use of Nova's novnc integration except in cases where operators are comfortable assuming that risk and taking measures to secure the logs of their per-cell nova-novncproxy daemons.
Thanks again for the clarification. So to restate, the novnc maintainers recommend using websockify in a way which exposes authentication tokens in logs, and don't provide any means of mitigating the resulting credential leak. This puts consumers of their software in an unfortunate position, and suggests that we should not continue to encourage use of Nova's novnc integration except in cases where operators are comfortable assuming that risk and taking measures to secure the logs of their per-cell nova-novncproxy daemons.