Geoffrey Young wrote:Philippe M. Chiasson wrote:
+1 on concept
actually, I would consider making it respect the value of ServerTokens, maybe only sending X-Powered-By it for a subset of available values for security (well obscurity) reasons.
Actually, I'd have to say the reason to come up with X-Powered-By is specifically (well sorta) to get mod_perl advertised no matter what ServerTokens is set to.
I guess we could use ServerTokens to possibly hide some information:
X-Powered-By: mod_perl/2.0.0 vs X-Powered-By: mod_perl/2.x.x
-------------------------------------------------------------------------------- Philippe M. Chiasson m/gozer\@(apache|cpan|ectoplasm)\.org/ GPG KeyID : 88C3A5A5 http://gozer.ectoplasm.org/ F9BF E0C2 480E 7680 1AE5 3631 CB32 A107 88C3A5A5
signature.asc
Description: OpenPGP digital signature
