Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-11661

Prevent Restlet from adding the Server header

    XMLWordPrintable

    Details

    • Rank:
      1|hzu473:
    • Angband - Team Tesla 2018.3, Wizardly McNulty - 2018.3
    • No
    • Yes
    • Yes
    • Yes and I used the same an in the description

      Description

      Bug description

      We should prevent Restlet from adding the Server header to HTTP responses to limit information disclosure.

      How to reproduce the issue

      • Send an authenticate request to /xacml/policies for example
        The Server: Restlet-Framework/2.3.4 header should not be on the response
      Expected behaviour

      It isn't.

      Current behaviour

      It is.

        Attachments

          Activity

            People

            peter.major Peter Major [X] (Inactive)
            peter.major Peter Major [X] (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            8 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: