Back to Mirrord

4496.Internal

changelog.d/4496.internal.md

3.231.0310 B
Original Source

The mirrord UI server now only accepts the auth token as a ?token= query parameter on a dedicated /auth entry point, which sets the session cookie and redirects to the app. All other routes authenticate via the cookie or the x-auth-token header, keeping the token out of ordinary navigation and API URLs.