[JENA-1125] Suppress output of "Server:" with version information. - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: None
Fix Version/s: Fuseki 2.4.0
Component/s: Fuseki
Labels:
None

Description

Security reports sometimes worry about revealing version information , despite this being open source where every detail is available anyway.

We could suppress or modify the output of the "Server:" header, added by Jetty and by Fuseki.

Should we omit the header?
Have the system name but not the version?
Keep the information anyway?

Making it some kind of configuration feature is difficult because of the variety of environments Fuseki runs in (standalone or from a war file). Because of that, initialization happens quite late and the only current server configuration is about the general Jena environment.

Attachments

Activity

People

Assignee:: Andy Seaborne

Reporter:: Andy Seaborne

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 29/Jan/16 13:12

Updated:: 14/May/16 09:53

Resolved:: 31/Jan/16 16:54