You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@couchdb.apache.org by va...@apache.org on 2023/05/23 03:02:20 UTC

[couchdb] branch main updated: optionally suppress version info in server response header

This is an automated email from the ASF dual-hosted git repository.

vatamane pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/couchdb.git


The following commit(s) were added to refs/heads/main by this push:
     new 3ff87fafc optionally suppress version info in server response header
3ff87fafc is described below

commit 3ff87fafc18f65bc3874c54ec0adc4fc91328c7d
Author: Robert Newson <rn...@apache.org>
AuthorDate: Mon May 22 16:06:05 2023 +0100

    optionally suppress version info in server response header
---
 rel/overlay/etc/default.ini   |  4 ++++
 src/couch/src/couch_httpd.erl | 15 ++++++++++-----
 src/docs/src/config/http.rst  | 10 ++++++++++
 3 files changed, 24 insertions(+), 5 deletions(-)

diff --git a/rel/overlay/etc/default.ini b/rel/overlay/etc/default.ini
index 14b2a5362..a7de5500e 100644
--- a/rel/overlay/etc/default.ini
+++ b/rel/overlay/etc/default.ini
@@ -197,6 +197,10 @@ bind_address = 127.0.0.1
 ; the old behavior.
 ;bulk_get_use_batches = true
 
+; Whether CouchDB should send CouchDB and Erlang/OTP version in the Server
+; response header.
+;server_header_versions = true
+
 ;[jwt_auth]
 ; List of claims to validate
 ; can be the name of a claim like "exp" or a tuple if the claim requires
diff --git a/src/couch/src/couch_httpd.erl b/src/couch/src/couch_httpd.erl
index 91c7f91ee..5253e4d3c 100644
--- a/src/couch/src/couch_httpd.erl
+++ b/src/couch/src/couch_httpd.erl
@@ -1202,11 +1202,16 @@ negotiate_content_type(_Req) ->
     end.
 
 server_header() ->
-    [
-        {"Server",
-            "CouchDB/" ++ couch_server:get_version() ++
-                " (Erlang OTP/" ++ erlang:system_info(otp_release) ++ ")"}
-    ].
+    case chttpd_util:get_chttpd_config_boolean("server_header_versions", true) of
+        false ->
+            [{"Server", "CouchDB"}];
+        true ->
+            [
+                {"Server",
+                    "CouchDB/" ++ couch_server:get_version() ++
+                        " (Erlang OTP/" ++ erlang:system_info(otp_release) ++ ")"}
+            ]
+    end.
 
 -record(mp, {boundary, buffer, data_fun, callback}).
 
diff --git a/src/docs/src/config/http.rst b/src/docs/src/config/http.rst
index 3aa3dc73b..cbe36c4e3 100644
--- a/src/docs/src/config/http.rst
+++ b/src/docs/src/config/http.rst
@@ -256,6 +256,16 @@ HTTP Server Options
             [chttpd]
             admin_only_all_dbs = true
 
+    .. config:option:: server_header_versions :: Whether to send version info Server header
+
+        .. versionadded:: 3.4
+
+        Set to false to remove the CouchDB and Erlang/OTP versions from the Server response
+        header. ::
+
+            [chttpd]
+            server_header_versions = true
+
 .. config:section:: httpd :: HTTP Server Options
 
     .. versionchanged:: 3.2 These options were moved to [chttpd] section: