Details
-
Improvement
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
2.15.2
-
None
-
Unknown
Description
To completely prevent information leakage from Jetty, you have to
- change its default error page (already possible, but broken, see
CAMEL-8179)
- disable the default Server HTTP response header with JettyHttpEndpoint#setSendServerVersion(false).
This option is also missing as a String-based endpoint parameter in JettyHttpComponent#createEndpoint().