Kevin Risden created KNOX-2285:
----------------------------------
Summary: Change gateway.server.header.enabled default to false
Key: KNOX-2285
URL: https://issues.apache.org/jira/browse/KNOX-2285
Project: Apache Knox
Issue Type: Improvement
Components: Server
Reporter: Kevin Risden
Assignee: Kevin Risden
Fix For: 1.4.0
KNOX-932 added gateway.server.header.enabled with the default set to true. Its
been ~2 years and many security scanners are reporting issues if servers report
internal versions.
We should set the default of gateway.server.header.enabled to false to prevent
this information from leaking.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
