You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@atlas.apache.org by Sidharth Mishra <si...@gmail.com> on 2021/07/08 22:36:27 UTC

Review Request 73445: ATLAS-4350: Atlas - Jetty Version disclosure in http response

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73445/
-----------------------------------------------------------

Review request for atlas, Ashutosh Mestry, Radhika Kundam, and Sarath Subramanian.


Bugs: ATLAS-4350
    https://issues.apache.org/jira/browse/ATLAS-4350


Repository: atlas


Description
-------

ATLAS-4350: Atlas - Jetty Version disclosure in http response


Diffs
-----

  webapp/src/main/java/org/apache/atlas/web/service/EmbeddedServer.java 61aa3134c 
  webapp/src/main/java/org/apache/atlas/web/service/SecureEmbeddedServer.java 7a045749f 


Diff: https://reviews.apache.org/r/73445/diff/1/


Testing
-------

Manually tested and confirmed that the version is not present as part for response header


Thanks,

Sidharth Mishra

Re: Review Request 73445: ATLAS-4350: Atlas - Jetty Version disclosure in http response

Posted by Sarath Subramanian <sa...@apache.org>.

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73445/#review223204
-----------------------------------------------------------


Ship it!




Ship It!

- Sarath Subramanian


On July 8, 2021, 3:52 p.m., Sidharth Mishra wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73445/
> -----------------------------------------------------------
> 
> (Updated July 8, 2021, 3:52 p.m.)
> 
> 
> Review request for atlas, Ashutosh Mestry, Radhika Kundam, and Sarath Subramanian.
> 
> 
> Bugs: ATLAS-4350
>     https://issues.apache.org/jira/browse/ATLAS-4350
> 
> 
> Repository: atlas
> 
> 
> Description
> -------
> 
> ATLAS-4350: Atlas - Jetty Version disclosure in http response
> 
> 
> Diffs
> -----
> 
>   webapp/src/main/java/org/apache/atlas/web/service/EmbeddedServer.java 61aa3134c 
>   webapp/src/main/java/org/apache/atlas/web/service/SecureEmbeddedServer.java 7a045749f 
> 
> 
> Diff: https://reviews.apache.org/r/73445/diff/1/
> 
> 
> Testing
> -------
> 
> Manually tested and confirmed that the version is not present as part for response header:
> 
> Before Change -
> ----------------
> Response Header:
> 
> HTTP/1.1 200 OK
> Date: Thu, 08 Jul 2021 22:49:45 GMT
> Last-Modified: Tue, 06 Jul 2021 12:06:15 GMT
> Content-Type: text/css
> Accept-Ranges: bytes
> Content-Length: 53485
> Server: Jetty(9.4.39.v20210325)
> 
> After Change - 
> ----------------
> 
> Response Header:
> 
> HTTP/1.1 200 OK
> Date: Thu, 08 Jul 2021 22:47:57 GMT
> Last-Modified: Wed, 07 Jul 2021 16:51:30 GMT
> Content-Type: text/css
> Accept-Ranges: bytes
> Content-Length: 53485
> 
> 
> Thanks,
> 
> Sidharth Mishra
> 
>

Re: Review Request 73445: ATLAS-4350: Atlas - Jetty Version disclosure in http response

Posted by Nixon Rodrigues <ni...@freestoneinfotech.com>.

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73445/#review223205
-----------------------------------------------------------


Ship it!




Ship It!

- Nixon Rodrigues


On July 8, 2021, 10:52 p.m., Sidharth Mishra wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73445/
> -----------------------------------------------------------
> 
> (Updated July 8, 2021, 10:52 p.m.)
> 
> 
> Review request for atlas, Ashutosh Mestry, Radhika Kundam, and Sarath Subramanian.
> 
> 
> Bugs: ATLAS-4350
>     https://issues.apache.org/jira/browse/ATLAS-4350
> 
> 
> Repository: atlas
> 
> 
> Description
> -------
> 
> ATLAS-4350: Atlas - Jetty Version disclosure in http response
> 
> 
> Diffs
> -----
> 
>   webapp/src/main/java/org/apache/atlas/web/service/EmbeddedServer.java 61aa3134c 
>   webapp/src/main/java/org/apache/atlas/web/service/SecureEmbeddedServer.java 7a045749f 
> 
> 
> Diff: https://reviews.apache.org/r/73445/diff/1/
> 
> 
> Testing
> -------
> 
> Manually tested and confirmed that the version is not present as part for response header:
> 
> Before Change -
> ----------------
> Response Header:
> 
> HTTP/1.1 200 OK
> Date: Thu, 08 Jul 2021 22:49:45 GMT
> Last-Modified: Tue, 06 Jul 2021 12:06:15 GMT
> Content-Type: text/css
> Accept-Ranges: bytes
> Content-Length: 53485
> Server: Jetty(9.4.39.v20210325)
> 
> After Change - 
> ----------------
> 
> Response Header:
> 
> HTTP/1.1 200 OK
> Date: Thu, 08 Jul 2021 22:47:57 GMT
> Last-Modified: Wed, 07 Jul 2021 16:51:30 GMT
> Content-Type: text/css
> Accept-Ranges: bytes
> Content-Length: 53485
> 
> 
> Thanks,
> 
> Sidharth Mishra
> 
>

Re: Review Request 73445: ATLAS-4350: Atlas - Jetty Version disclosure in http response

Posted by Sidharth Mishra <si...@gmail.com>.

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73445/
-----------------------------------------------------------

(Updated July 8, 2021, 10:52 p.m.)


Review request for atlas, Ashutosh Mestry, Radhika Kundam, and Sarath Subramanian.


Bugs: ATLAS-4350
    https://issues.apache.org/jira/browse/ATLAS-4350


Repository: atlas


Description
-------

ATLAS-4350: Atlas - Jetty Version disclosure in http response


Diffs
-----

  webapp/src/main/java/org/apache/atlas/web/service/EmbeddedServer.java 61aa3134c 
  webapp/src/main/java/org/apache/atlas/web/service/SecureEmbeddedServer.java 7a045749f 


Diff: https://reviews.apache.org/r/73445/diff/1/


Testing (updated)
-------

Manually tested and confirmed that the version is not present as part for response header:

Before Change -
----------------
Response Header:

HTTP/1.1 200 OK
Date: Thu, 08 Jul 2021 22:49:45 GMT
Last-Modified: Tue, 06 Jul 2021 12:06:15 GMT
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 53485
Server: Jetty(9.4.39.v20210325)

After Change - 
----------------

Response Header:

HTTP/1.1 200 OK
Date: Thu, 08 Jul 2021 22:47:57 GMT
Last-Modified: Wed, 07 Jul 2021 16:51:30 GMT
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 53485


Thanks,

Sidharth Mishra

Re: Review Request 73445: ATLAS-4350: Atlas - Jetty Version disclosure in http response

Posted by Ashutosh Mestry via Review Board <no...@reviews.apache.org>.

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73445/#review223202
-----------------------------------------------------------


Ship it!




For completeness, can you please add HTTP header before/after the change.

- Ashutosh Mestry


On July 8, 2021, 10:36 p.m., Sidharth Mishra wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73445/
> -----------------------------------------------------------
> 
> (Updated July 8, 2021, 10:36 p.m.)
> 
> 
> Review request for atlas, Ashutosh Mestry, Radhika Kundam, and Sarath Subramanian.
> 
> 
> Bugs: ATLAS-4350
>     https://issues.apache.org/jira/browse/ATLAS-4350
> 
> 
> Repository: atlas
> 
> 
> Description
> -------
> 
> ATLAS-4350: Atlas - Jetty Version disclosure in http response
> 
> 
> Diffs
> -----
> 
>   webapp/src/main/java/org/apache/atlas/web/service/EmbeddedServer.java 61aa3134c 
>   webapp/src/main/java/org/apache/atlas/web/service/SecureEmbeddedServer.java 7a045749f 
> 
> 
> Diff: https://reviews.apache.org/r/73445/diff/1/
> 
> 
> Testing
> -------
> 
> Manually tested and confirmed that the version is not present as part for response header
> 
> 
> Thanks,
> 
> Sidharth Mishra
> 
>