[
https://issues.apache.org/jira/browse/KNOX-1316?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Kevin Risden updated KNOX-1316:
-------------------------------
Affects Version/s: 1.2.0
1.1.0
Attachment: KNOX-1316.patch
Status: Patch Available (was: In Progress)
> API 404 responses should not contain server details
> ---------------------------------------------------
>
> Key: KNOX-1316
> URL: https://issues.apache.org/jira/browse/KNOX-1316
> Project: Apache Knox
> Issue Type: Improvement
> Components: Server
> Affects Versions: 1.1.0, 1.0.0, 1.2.0
> Reporter: Phil Zampino
> Assignee: Kevin Risden
> Priority: Minor
> Fix For: 1.3.0
>
> Attachments: KNOX-1316.patch
>
>
> For an invalid resource request, which results in a 404 response:
> {noformat}
> GET /gatewayipxllql46j/manager/api/v1/topologies/my-new-desc{noformat}
> Knox currently returns some server details and the request URL.
> {noformat}
> HTTP/1.1 404 Not Found
> Date: Thu, 10 May 2018 12:16:13 GMT
> Cache-Control: must-revalidate,no-cache,no-store
> Content-Type: text/html; charset=ISO-8859-1
> Content-Length: 333
> Connection: close
> Server: Jetty(9.2.15.v20160210)
> <html><head><meta http-equiv="Content-Type"
> content="text/html;charset=ISO-8859-1"/><title>Error 404
> </title></head><body><h2>HTTP ERROR: 404</h2><p>Problem accessing
> /gatewayipxllql46j/manager/api/v1/topologies/my-new-desc. Reason:<pre> Not
> Found</pre></p><hr /><i><small>Powered by
> Jetty://</small></i></body></html>{noformat}
> Generic responses are preferred for security reasons, and Jetty should
> support the configuration of such a generic response for these cases.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
