ukaea / piezo


Remove server from content header #69

Open robert-clegg-tessella opened 5 years ago

robert-clegg-tessella commented 5 years ago

The content header of the Piezo web app handlers returns the server type and version by default. This is a security risk and so needs to be disabled.

Acceptance criteria

None of the Piezo web app handlers returns the server in its response header.

Test Scenario:

robert-clegg-tessella commented 5 years ago

```python
def on_finish(self):
    self.clear_header("Server")
```

oliver-tarrant-tessella commented 5 years ago

To completely remove server headers, we will need to edit the ingress configuration as explained here: https://stackoverflow.com/questions/53530025/nginx-ingress-controller-hide-nginx-version. A possible route may be to define a custom config and then use a ConfigMap to ensure the ingress uses this. Could be useful: https://stackoverflow.com/questions/42078080/add-nginx-conf-to-kubernetes-cluster
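
A client-side check for the acceptance criterion above, as an added example that is not part of the issue thread or the Piezo code base: it requests each route and reports any that still return a `Server` header, which also catches a header added in front of the handlers (for example by the ingress). The stand-in server and the routes `/leaky` and `/quiet` are constructed for the demo using only Python's standard library.

```python
import http.client
import threading
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer


class StandInHandler(BaseHTTPRequestHandler):
    """Constructed stand-in: /leaky sends a Server banner, other paths do not."""

    def do_GET(self):
        body = b"ok"
        if self.path == "/leaky":
            self.send_response(200)       # stdlib adds Server and Date headers
        else:
            self.send_response_only(200)  # status line only, no Server header
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):  # silence per-request logging
        pass


def routes_leaking_server(host, port, routes):
    """Return {route: Server header value} for every route that sends one."""
    leaks = {}
    for route in routes:
        conn = http.client.HTTPConnection(host, port, timeout=5)
        try:
            conn.request("GET", route)
            resp = conn.getresponse()
            resp.read()
            banner = resp.getheader("Server")
            if banner is not None:
                leaks[route] = banner
        finally:
            conn.close()
    return leaks


def run_demo():
    """Start the stand-in on a free loopback port and check both routes."""
    server = ThreadingHTTPServer(("127.0.0.1", 0), StandInHandler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        return routes_leaking_server("127.0.0.1", server.server_port, ["/leaky", "/quiet"])
    finally:
        server.shutdown()
        server.server_close()


if __name__ == "__main__":
    print(run_demo())
```

Pointing `routes_leaking_server` at the externally exposed address rather than the pod checks the response as a client actually receives it.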