search

perwendel / spark

A simple expressive web framework for java. Spark has a kotlin DSL https://github.com/perwendel/spark-kotlin
Apache License 2.0
9.63k stars 1.56k forks source link

How to hide Server details in the Response header ? #1274

Open Hasmukhginoya opened 1 year ago

Hasmukhginoya commented 1 year ago

I am using this sample code

public static void main(String[] args) { port(1150); ipAddress("127.0.0.1"); enableCORS(); get("/hello",Main::registration);

}
public static String registration(Request request , Response response)
{
    System.out.println(request.body());
    return  "hi, this is from spark ";
}
private static void enableCORS()

{ before((request, response) -> { response.raw().setHeader("Server"," "); // Is this a Proper ?
}); }

Can we use any other solution to remove server details in the response header ?

@perwendelsony

This is response where i am getting server details HTTP/1.1 200 OK Date: Mon, 20 Mar 2023 09:52:37 GMT Access-Control-Allow-Methods: GET,POST,OPTIONS Access-Control-Allow-Headers: Pragma,Content-Type,cache-control,x-authorization,X-Requested-With,Content-Length,Accept,Origin Access-Control-Max-Age: 86400 Access-Control-Allow-Private-Network: true Content-Type: text/html;charset=utf-8 Transfer-Encoding: chunked Server: Jetty(9.4.48.v20220622)

this is same as #331 I have verified in latest version this is still visible on response header.

lepe commented 1 year ago

You can use the unofficial branch which removed that header:

<dependency>
  <groupId>com.intellisrc</groupId>
  <artifactId>spark-core</artifactId>
  <version>2.9.4-unofficial-4</version>
</dependency>