This is an automated email from the ASF dual-hosted git repository.
heneveld pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/brooklyn-server.git
The following commit(s) were added to refs/heads/master by this push:
new 1b5f399ba8 Disable Jetty sending the Server: header
1b5f399ba8 is described below
commit 1b5f399ba85313fb6a1c44046542b35a71b2b09e
Author: Alex Heneveld <[email protected]>
AuthorDate: Mon Nov 25 15:41:43 2024 +0000
Disable Jetty sending the Server: header
There is no known use case for including it, and it is contrary to some
security best practices.
---
karaf/jetty-config/src/main/resources/jetty.xml | 3 +++
1 file changed, 3 insertions(+)
diff --git a/karaf/jetty-config/src/main/resources/jetty.xml
b/karaf/jetty-config/src/main/resources/jetty.xml
index 90f87ea2c2..7f2624cac0 100644
--- a/karaf/jetty-config/src/main/resources/jetty.xml
+++ b/karaf/jetty-config/src/main/resources/jetty.xml
@@ -21,6 +21,9 @@
<Configure id="Server" class="org.eclipse.jetty.server.Server">
+ <New id="httpConfig" class="org.eclipse.jetty.server.HttpConfiguration">
+ <Set name="sendServerVersion">false</Set>
+ </New>
</Configure>
