You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2019/10/31 20:19:13 UTC
[tomcat] branch master updated: Correct description of default
value of server attribute
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/master by this push:
new 6626089 Correct description of default value of server attribute
6626089 is described below
commit 662608929b9af3ce241428e12ae4eae606363119
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Thu Oct 31 21:18:42 2019 +0100
Correct description of default value of server attribute
---
webapps/docs/changelog.xml | 8 ++++++++
webapps/docs/security-howto.xml | 5 +++--
2 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index a2dadbe..6562e55 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -111,6 +111,14 @@
</fix>
</changelog>
</subsection>
+ <subsection name="Web applications">
+ <changelog>
+ <fix>
+ Correct the description of the default value for the server attribute in
+ the security How-To. (markt)
+ </fix>
+ </changelog>
+ </subsection>
<subsection name="Other">
<changelog>
<fix>
diff --git a/webapps/docs/security-howto.xml b/webapps/docs/security-howto.xml
index bbd6fa9..8b3d14d 100644
--- a/webapps/docs/security-howto.xml
+++ b/webapps/docs/security-howto.xml
@@ -286,8 +286,9 @@
<p>The <strong>server</strong> attribute controls the value of the Server
HTTP header. The default value of this header for Tomcat 4.1.x to
- <version-major-minor/>.x is Apache-Coyote/1.1. This header can provide
- limited information to both legitimate clients and attackers.</p>
+ 8.0.x is Apache-Coyote/1.1. From 8.5.x onwards this header is not set by
+ default. This header can provide limited information to both legitimate
+ clients and attackers.</p>
<p>The <strong>SSLEnabled</strong>, <strong>scheme</strong> and
<strong>secure</strong> attributes may all be independently set. These are
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org