Asif Khatri created LIVY-974:
--------------------------------
Summary: Remove verbose output on Livy UI error pages
Key: LIVY-974
URL: https://issues.apache.org/jira/browse/LIVY-974
Project: Livy
Issue Type: Improvement
Components: Server
Reporter: Asif Khatri
Fix For: 0.8.0
Attachments: image.png
On error, the Livy UI shows verbose output on error pages including the Jetty
version number. This could be considered as a security vulnerability. We can
make it configurable and avoid sending server version details.
The Jetty version is there in every response header as well:
{noformat}
$ curl -v $LIVY_URL/sessions
...
< Server: Jetty(9.4.43.v20210629){noformat}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
