You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@jena.apache.org by "Andy Seaborne (JIRA)" <ji...@apache.org> on 2016/01/31 17:55:39 UTC
[jira] [Resolved] (JENA-1125) Suppress output of "Server:" with
version information.
[ https://issues.apache.org/jira/browse/JENA-1125?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Andy Seaborne resolved JENA-1125.
---------------------------------
Resolution: Fixed
> Suppress output of "Server:" with version information.
> ------------------------------------------------------
>
> Key: JENA-1125
> URL: https://issues.apache.org/jira/browse/JENA-1125
> Project: Apache Jena
> Issue Type: Improvement
> Components: Fuseki
> Reporter: Andy Seaborne
> Assignee: Andy Seaborne
> Priority: Minor
> Fix For: Fuseki 2.4.0
>
>
> Security reports sometimes worry about revealing version information , despite this being open source where every detail is available anyway.
> We could suppress or modify the output of the "Server:" header, added by Jetty and by Fuseki.
> Should we omit the header?
> Have the system name but not the version?
> Keep the information anyway?
> Making it some kind of configuration feature is difficult because of the variety of environments Fuseki runs in (standalone or from a war file). Because of that, initialization happens quite late and the only current server configuration is about the general Jena environment.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)