Hi all, First, thanks for a wonderful implementation of JSF!
I am trying to security 'harden' our Web site and one technique is to avoid giving away architectual information. For example, we suppress the X-Server HTTP header so you don't know what server we are using. We map '*.jsf' to something else so you can't tell we're using JSF. There are a few remaining giveaways, and a BIG one is the comment that MyFaces inserts into the generated HTML just before the end of the body: <!-- MYFACES JAVASCRIPT --> Is there any way to suppress this? Thanks, Richard. -- View this message in context: http://www.nabble.com/Suppress-%3C%21---MYFACES-JAVASCRIPT---%3E-giveaway--tp21946087p21946087.html Sent from the MyFaces - Users mailing list archive at Nabble.com.
