You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@atlas.apache.org by "Sidharth Kumar Mishra (Jira)" <ji...@apache.org> on 2021/07/08 22:13:00 UTC
[jira] [Created] (ATLAS-4350) Atlas - Jetty Version disclosure in
http response
Sidharth Kumar Mishra created ATLAS-4350:
--------------------------------------------
Summary: Atlas - Jetty Version disclosure in http response
Key: ATLAS-4350
URL: https://issues.apache.org/jira/browse/ATLAS-4350
Project: Atlas
Issue Type: Bug
Reporter: Sidharth Kumar Mishra
Assignee: Sidharth Kumar Mishra
Atlas reveals netty version in http response
{code:java}
GET https://atlas.host:8443/gateway/cdp-proxy/atlas/js/utils/Overrides.js?bust=1601951148602
{code}
{code:java}
HTTP/1.1 200 OK
Connection: close
Date: Wed, 03 Feb 2021 14:24:28 GMT
Connection: close
Last-Modified: Tue, 06 Oct 2020 04:13:55 GMT Content-Type: application/javascript Accept-Ranges: bytes
Server: Jetty(9.4.26.v20200117)
Content-Length: 8186
{code}
*Recommendation:* Remove the version information from the http response header.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)