Disable VNC password, fix bug when running inside Kasm VDI

kasmweb/core/rfb.js

@@ -1068,17 +1068,8 @@ export default class RFB extends EventTargetMixin {
     _negotiate_std_vnc_auth() {
         if (this._sock.rQwait("auth challenge", 16)) { return false; }
 
-        /* Empty passwords are allowed in VNC and since we use HTTPS basic auth, wich is superior, lets allow the bypass of the vnc password
-        if (!this._rfb_credentials.password) {
-            this.dispatchEvent(new CustomEvent(
-                "credentialsrequired",
-                { detail: { types: ["password"] } }));
-            return false;
-        }
-        */
-        if (!this._rfb_credentials.password) {
-            this._rfb_credentials.password = "";
-        }
+        // KasmVNC uses basic Auth, clear the VNC password, which is not used
+        this._rfb_credentials.password = "";
 
         // TODO(directxman12): make genDES not require an Array
         const challenge = Array.prototype.slice.call(this._sock.rQshiftBytes(16));

kasmweb/vnc.html

@@ -71,9 +71,19 @@
             loader.src = "vendor/browser-es-module-loader/dist/browser-es-module-loader.js";
             document.head.appendChild(loader);
         });
-        window.addEventListener("load", function() {
-            document.getElementById("noVNC_connect_button").click();
-        });
+
+        let isInsideKasmVDI = false;
+        try {
+            isInsideKasmVDI = (window.self !== window.top);
+        } catch (e) {
+            isInsideKasmVDI = true;
+        }
+
+        if (!isInsideKasmVDI) {
+            window.addEventListener("load", function() {
+                document.getElementById("noVNC_connect_button").click();
+            });
+        }
     </script>
     <!-- actual script modules -->
     <script type="module" crossorigin='use-credentials' src="app/ui.js"></script>