Open riker09 opened 4 years ago
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
This is certainly one way to get rid of open issues. Auto-close them by a bot because they were never acknowledged.
I know this is not a super high priority issue, but total neglectance makes me wonder how serious you are about your open source engagement.
@riker09 It looks like Envoy doesn't support removing server
header from response. But you can use ambassador Module to change the server
value.
apiVersion: getambassador.io/v2
kind: Module
metadata:
name: ambassador
spec:
config:
server_name: MyServerHeaderValue
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
Hi, we face the same issue. Even the definition of another server_name value in Module doesn't work. It still sends the response header 'server: envoy'
Are there any news on that?
Hi, this is a very common security requirement. Can you please look at adding support for server_header_transformation=PASS_THROUGH?
Hi, is there any work in progress to add support for this requirement? Removing server name from header response
any update on this? we also need to dynamically set this value
Server_name on the Module should be the setting for this but it sounds like that is not working least at in some cases. Just for context, this a primarily a security concern to hide the software/source of the server response?
this a primarily a security concern to hide the software/source of the server response?
It is for me (at least)
Describe the bug
I cannot remove the
Server
header from the responses.To Reproduce Steps to reproduce the behavior:
Mapping
curl -I https://your-server.org/backend/
Server
header is still thereExpected behavior Server header value should be
MyServerHeaderValue
Versions (please complete the following information):
Additional context
This is an ongoing issue: https://github.com/datawire/ambassador/issues/307#issuecomment-412501905
[EDIT] I tried all combinations: Removing the
server
header. Adding aserver
header (overwriting). Removing theheader
and adding a new one. All show the same behaviour.