noVNC — Browser-Based VNC Client for Remote Desktop Access

Introduction

noVNC is an open-source VNC client implemented entirely in JavaScript and HTML5 Canvas. It runs inside any modern web browser, connecting to a VNC server through a WebSocket-to-TCP proxy called websockify. This makes remote desktop access possible without installing any client software.

What noVNC Does

• Renders a live remote desktop session in the browser using HTML5 Canvas
• Connects to standard VNC servers (TigerVNC, TightVNC, x11vnc, etc.) via websockify
• Supports clipboard sharing between the local browser and the remote desktop
• Handles keyboard and mouse input including special key combinations
• Provides a responsive UI that adapts to mobile browsers with touch input

Architecture Overview

noVNC is a pure client-side JavaScript application. It speaks the RFB (Remote Framebuffer) protocol over a WebSocket connection. Since VNC servers speak raw TCP, a WebSocket-to-TCP bridge called websockify sits between the browser and the VNC server. The client decodes pixel updates using multiple encoding types (Tight, ZRLE, Hextile, Raw) and paints them to an HTML5 Canvas element. Input events are captured from the browser and sent back as RFB messages.

Self-Hosting & Configuration

• Serve the noVNC HTML and JS files from any web server (Nginx, Apache, or the built-in proxy)
• Run websockify as a standalone proxy pointing to your VNC server's host and port
• Enable TLS on websockify with --cert and --key flags for encrypted connections
• Embed noVNC in other applications using the JavaScript library API
• Deploy behind a reverse proxy with WebSocket pass-through for production setups

Key Features

• Zero-install remote access — works in any browser with WebSocket support
• Supports multiple VNC encodings for efficient bandwidth use
• Touch-friendly interface for tablet and phone access
• Embeddable as a JavaScript library in custom web applications
• TLS encryption when paired with websockify over HTTPS

Comparison with Similar Tools

• Apache Guacamole — full remote access gateway with auth and session management; noVNC is a lightweight client library
• SPICE HTML5 — targets SPICE protocol for virtual machines; noVNC speaks standard VNC/RFB
• RustDesk — peer-to-peer remote desktop with NAT traversal; noVNC requires a VNC server and proxy setup
• xrdp — RDP-based remote access; noVNC uses the VNC protocol and runs in the browser

FAQ

Q: Do I need to install anything on the client machine? A: No. noVNC runs entirely in the browser — just navigate to the URL.

Q: Is it secure? A: Use websockify with TLS (wss://) and VNC server passwords. For production, place it behind an HTTPS reverse proxy with authentication.

Q: Can I connect to multiple desktops? A: Each noVNC instance connects to one VNC server. Use a gateway like Apache Guacamole or run multiple websockify instances for multi-target access.

Q: Does it work on mobile? A: Yes. The interface supports touch gestures and virtual keyboard input on iOS and Android browsers.

Sources

• https://github.com/novnc/noVNC
• https://novnc.com/