krishna-pandey commented on issue #3716: [ZEPPELIN-4723] Enable HTTP security headers by default URL: https://github.com/apache/zeppelin/pull/3716#issuecomment-609722741 Also, Travis just finished running tests and build passed with last commit. (https://travis-ci.org/github/krishna-pandey/zeppelin/builds/671511015) @alexott can you please review? @Reamer IMHO not sending Server version at all or leaving it blank doesn't make much difference as everyone knows there must be a Server sending the response. A determined attacker can figure out other way to find Server details or will fire everything he had anyway.
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
