[Spice-devel] [PATCH spice-gtk] RFC: build-sys: remove the spice-controller library

Jeremy White jwhite at codeweavers.com
Wed Jun 14 20:10:35 UTC 2017


On 06/14/2017 02:55 PM, marcandre.lureau at redhat.com wrote:
> From: Marc-André Lureau <marcandre.lureau at redhat.com>
> 
> The spice-controller was a small library to let NPAPI browser plugins
> communicate with the spice client. Due to usage of vala, the library
> could not promise ABI stability, and was also considerer a pretty
> poor implementation.
> 
> Furthermore, major browser vendors began to phase out NPAPI support in
> 2013, and some would like to see it gone by the end of this
> year (realistically, it may not happen though).
> 
> As an alternative, remote-viewer (the first class Spice client)
> learned to connect with a file of mime type application/x-virt-viewer,
> as early as February 2013 with v0.5.5.
> 
> RFC as we may want to have another release with the controller, and
> announce it's the last one that will ship it - remote-viewer should
> follow with a similar announcement.

The spice controller also provides the ability for an application to
securely pass a username and password in via the controller socket.

The use of a file would have potential risk vectors.  Is there an option
to provide that facility?

Cheers,

Jeremy


More information about the Spice-devel mailing list