You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@atlas.apache.org by Sidharth Mishra <si...@gmail.com> on 2021/07/08 22:36:27 UTC
Review Request 73445: ATLAS-4350: Atlas - Jetty Version disclosure in
http response
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73445/
-----------------------------------------------------------
Review request for atlas, Ashutosh Mestry, Radhika Kundam, and Sarath Subramanian.
Bugs: ATLAS-4350
https://issues.apache.org/jira/browse/ATLAS-4350
Repository: atlas
Description
-------
ATLAS-4350: Atlas - Jetty Version disclosure in http response
Diffs
-----
webapp/src/main/java/org/apache/atlas/web/service/EmbeddedServer.java 61aa3134c
webapp/src/main/java/org/apache/atlas/web/service/SecureEmbeddedServer.java 7a045749f
Diff: https://reviews.apache.org/r/73445/diff/1/
Testing
-------
Manually tested and confirmed that the version is not present as part for response header
Thanks,
Sidharth Mishra
Re: Review Request 73445: ATLAS-4350: Atlas - Jetty Version
disclosure in http response
Posted by Sarath Subramanian <sa...@apache.org>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73445/#review223204
-----------------------------------------------------------
Ship it!
Ship It!
- Sarath Subramanian
On July 8, 2021, 3:52 p.m., Sidharth Mishra wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73445/
> -----------------------------------------------------------
>
> (Updated July 8, 2021, 3:52 p.m.)
>
>
> Review request for atlas, Ashutosh Mestry, Radhika Kundam, and Sarath Subramanian.
>
>
> Bugs: ATLAS-4350
> https://issues.apache.org/jira/browse/ATLAS-4350
>
>
> Repository: atlas
>
>
> Description
> -------
>
> ATLAS-4350: Atlas - Jetty Version disclosure in http response
>
>
> Diffs
> -----
>
> webapp/src/main/java/org/apache/atlas/web/service/EmbeddedServer.java 61aa3134c
> webapp/src/main/java/org/apache/atlas/web/service/SecureEmbeddedServer.java 7a045749f
>
>
> Diff: https://reviews.apache.org/r/73445/diff/1/
>
>
> Testing
> -------
>
> Manually tested and confirmed that the version is not present as part for response header:
>
> Before Change -
> ----------------
> Response Header:
>
> HTTP/1.1 200 OK
> Date: Thu, 08 Jul 2021 22:49:45 GMT
> Last-Modified: Tue, 06 Jul 2021 12:06:15 GMT
> Content-Type: text/css
> Accept-Ranges: bytes
> Content-Length: 53485
> Server: Jetty(9.4.39.v20210325)
>
> After Change -
> ----------------
>
> Response Header:
>
> HTTP/1.1 200 OK
> Date: Thu, 08 Jul 2021 22:47:57 GMT
> Last-Modified: Wed, 07 Jul 2021 16:51:30 GMT
> Content-Type: text/css
> Accept-Ranges: bytes
> Content-Length: 53485
>
>
> Thanks,
>
> Sidharth Mishra
>
>
Re: Review Request 73445: ATLAS-4350: Atlas - Jetty Version
disclosure in http response
Posted by Nixon Rodrigues <ni...@freestoneinfotech.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73445/#review223205
-----------------------------------------------------------
Ship it!
Ship It!
- Nixon Rodrigues
On July 8, 2021, 10:52 p.m., Sidharth Mishra wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73445/
> -----------------------------------------------------------
>
> (Updated July 8, 2021, 10:52 p.m.)
>
>
> Review request for atlas, Ashutosh Mestry, Radhika Kundam, and Sarath Subramanian.
>
>
> Bugs: ATLAS-4350
> https://issues.apache.org/jira/browse/ATLAS-4350
>
>
> Repository: atlas
>
>
> Description
> -------
>
> ATLAS-4350: Atlas - Jetty Version disclosure in http response
>
>
> Diffs
> -----
>
> webapp/src/main/java/org/apache/atlas/web/service/EmbeddedServer.java 61aa3134c
> webapp/src/main/java/org/apache/atlas/web/service/SecureEmbeddedServer.java 7a045749f
>
>
> Diff: https://reviews.apache.org/r/73445/diff/1/
>
>
> Testing
> -------
>
> Manually tested and confirmed that the version is not present as part for response header:
>
> Before Change -
> ----------------
> Response Header:
>
> HTTP/1.1 200 OK
> Date: Thu, 08 Jul 2021 22:49:45 GMT
> Last-Modified: Tue, 06 Jul 2021 12:06:15 GMT
> Content-Type: text/css
> Accept-Ranges: bytes
> Content-Length: 53485
> Server: Jetty(9.4.39.v20210325)
>
> After Change -
> ----------------
>
> Response Header:
>
> HTTP/1.1 200 OK
> Date: Thu, 08 Jul 2021 22:47:57 GMT
> Last-Modified: Wed, 07 Jul 2021 16:51:30 GMT
> Content-Type: text/css
> Accept-Ranges: bytes
> Content-Length: 53485
>
>
> Thanks,
>
> Sidharth Mishra
>
>
Re: Review Request 73445: ATLAS-4350: Atlas - Jetty Version
disclosure in http response
Posted by Sidharth Mishra <si...@gmail.com>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73445/
-----------------------------------------------------------
(Updated July 8, 2021, 10:52 p.m.)
Review request for atlas, Ashutosh Mestry, Radhika Kundam, and Sarath Subramanian.
Bugs: ATLAS-4350
https://issues.apache.org/jira/browse/ATLAS-4350
Repository: atlas
Description
-------
ATLAS-4350: Atlas - Jetty Version disclosure in http response
Diffs
-----
webapp/src/main/java/org/apache/atlas/web/service/EmbeddedServer.java 61aa3134c
webapp/src/main/java/org/apache/atlas/web/service/SecureEmbeddedServer.java 7a045749f
Diff: https://reviews.apache.org/r/73445/diff/1/
Testing (updated)
-------
Manually tested and confirmed that the version is not present as part for response header:
Before Change -
----------------
Response Header:
HTTP/1.1 200 OK
Date: Thu, 08 Jul 2021 22:49:45 GMT
Last-Modified: Tue, 06 Jul 2021 12:06:15 GMT
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 53485
Server: Jetty(9.4.39.v20210325)
After Change -
----------------
Response Header:
HTTP/1.1 200 OK
Date: Thu, 08 Jul 2021 22:47:57 GMT
Last-Modified: Wed, 07 Jul 2021 16:51:30 GMT
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 53485
Thanks,
Sidharth Mishra
Re: Review Request 73445: ATLAS-4350: Atlas - Jetty Version
disclosure in http response
Posted by Ashutosh Mestry via Review Board <no...@reviews.apache.org>.
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/73445/#review223202
-----------------------------------------------------------
Ship it!
For completeness, can you please add HTTP header before/after the change.
- Ashutosh Mestry
On July 8, 2021, 10:36 p.m., Sidharth Mishra wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/73445/
> -----------------------------------------------------------
>
> (Updated July 8, 2021, 10:36 p.m.)
>
>
> Review request for atlas, Ashutosh Mestry, Radhika Kundam, and Sarath Subramanian.
>
>
> Bugs: ATLAS-4350
> https://issues.apache.org/jira/browse/ATLAS-4350
>
>
> Repository: atlas
>
>
> Description
> -------
>
> ATLAS-4350: Atlas - Jetty Version disclosure in http response
>
>
> Diffs
> -----
>
> webapp/src/main/java/org/apache/atlas/web/service/EmbeddedServer.java 61aa3134c
> webapp/src/main/java/org/apache/atlas/web/service/SecureEmbeddedServer.java 7a045749f
>
>
> Diff: https://reviews.apache.org/r/73445/diff/1/
>
>
> Testing
> -------
>
> Manually tested and confirmed that the version is not present as part for response header
>
>
> Thanks,
>
> Sidharth Mishra
>
>