You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@jena.apache.org by "Andy Seaborne (JIRA)" <ji...@apache.org> on 2016/01/29 14:12:39 UTC
[jira] [Created] (JENA-1125) Suppress output of "Server:" with
version information.
Andy Seaborne created JENA-1125:
-----------------------------------
Summary: Suppress output of "Server:" with version information.
Key: JENA-1125
URL: https://issues.apache.org/jira/browse/JENA-1125
Project: Apache Jena
Issue Type: Improvement
Components: Fuseki
Reporter: Andy Seaborne
Assignee: Andy Seaborne
Priority: Minor
Fix For: Fuseki 2.4.0
Security reports sometimes worry about revealing version information , despite this being open source where every detail is available anyway.
We could suppress or modify the output of the "Server:" header, added by Jetty and by Fuseki.
Should we omit the header?
Have the system name but not the version?
Keep the information anyway?
Making it some kind of configuration feature is difficult because of the variety of environments Fuseki runs in (standalone or from a war file). Because of that, initialization happens quite late and the only current server configuration is about the general Jena environment.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)