You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@knox.apache.org by "Phil Zampino (JIRA)" <ji...@apache.org> on 2018/05/16 21:19:00 UTC
[jira] [Created] (KNOX-1316) API 404 responses should not contain
server details
Phil Zampino created KNOX-1316:
----------------------------------
Summary: API 404 responses should not contain server details
Key: KNOX-1316
URL: https://issues.apache.org/jira/browse/KNOX-1316
Project: Apache Knox
Issue Type: Bug
Components: Server
Affects Versions: 1.0.0
Reporter: Phil Zampino
Fix For: 1.1.0
For an invalid resource request, which results in a 404 response:
{noformat}
GET /gatewayipxllql46j/manager/api/v1/topologies/my-new-desc{noformat}
Knox currently returns some server details and the request URL.
{noformat}
HTTP/1.1 404 Not Found
Date: Thu, 10 May 2018 12:16:13 GMT
Cache-Control: must-revalidate,no-cache,no-store
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 333
Connection: close
Server: Jetty(9.2.15.v20160210)
<html><head><meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1"/><title>Error 404 </title></head><body><h2>HTTP ERROR: 404</h2><p>Problem accessing /gatewayipxllql46j/manager/api/v1/topologies/my-new-desc. Reason:<pre> Not Found</pre></p><hr /><i><small>Powered by Jetty://</small></i></body></html>{noformat}
Generic responses are preferred for security reasons, and Jetty should support the configuration of such a generic response for these cases.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)