You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2019/10/31 20:21:28 UTC
[tomcat] branch 7.0.x updated: Correct description of default value
of server attribute
This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 7.0.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/7.0.x by this push:
new 9729afc Correct description of default value of server attribute
9729afc is described below
commit 9729afc32f64af2b9b60a3721d14b6aa5169d02a
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Thu Oct 31 21:18:42 2019 +0100
Correct description of default value of server attribute
---
webapps/docs/changelog.xml | 8 ++++++++
webapps/docs/security-howto.xml | 5 +++--
2 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index f150d08..4340fbd 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -109,6 +109,14 @@
</fix>
</changelog>
</subsection>
+ <subsection name="Web applications">
+ <changelog>
+ <fix>
+ Correct the description of the default value for the server attribute in
+ the security How-To. (markt)
+ </fix>
+ </changelog>
+ </subsection>
<subsection name="Other">
<changelog>
<fix>
diff --git a/webapps/docs/security-howto.xml b/webapps/docs/security-howto.xml
index dccc584..7bccf0c 100644
--- a/webapps/docs/security-howto.xml
+++ b/webapps/docs/security-howto.xml
@@ -285,8 +285,9 @@
<p>The <strong>server</strong> attribute controls the value of the Server
HTTP header. The default value of this header for Tomcat 4.1.x to
- <version-major-minor/>.x is Apache-Coyote/1.1. This header can provide
- limited information to both legitimate clients and attackers.</p>
+ 8.0.x is Apache-Coyote/1.1. From 8.5.x onwards this header is not set by
+ default. This header can provide limited information to both legitimate
+ clients and attackers.</p>
<p>The <strong>SSLEnabled</strong>, <strong>scheme</strong> and
<strong>secure</strong> attributes may all be independently set. These are
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org