IMO the Server head should by default be set by Synapse to say "Apache Synapse vX.Y.Z" or something like that and have an option to forward that of the backend.
I guess we should probably look at what a reverse proxy like nginx does by default and do whatever they do .. as that's the role of Synapse in HTTP-HTTP routing. Sanjiva. On Sun, Aug 11, 2013 at 8:23 PM, Rajika Kumarasiri < [email protected]> wrote: > I meant it's better not to include that header by default since it can be > considered a security issue. But as you have suggested we also need a way > to configure the header. > > Rajika > > > On Sun, Aug 11, 2013 at 1:52 AM, Hiranya Jayathilaka <[email protected] > > wrote: > >> Hi Rajika, >> >> On Aug 10, 2013, at 10:42 PM, Rajika Kumarasiri < >> [email protected]> wrote: >> >> +1. Should be use-if-available. >> >> >> Are you implying that the current behavior is correct (i.e. passing the >> Http "Server" header to the client)? >> >> Thanks, >> Hiranya >> >> >> Rajika >> >> >> On Sun, Aug 11, 2013 at 12:30 AM, Hiranya Jayathilaka < >> [email protected]> wrote: >> >>> I noticed that both PT and NHTTP transports pass the "Server" header >>> sent from the backend server to the client. This is the default programmed >>> behavior, and it can be overridden if needed using a configuration >>> parameter. But is the default behavior correct? Shouldn't Synapse >>> completely hide the backend server details from the client? >>> >>> Thanks, >>> Hiranya >>> >>> -- >>> Hiranya Jayathilaka >>> Mayhem Lab/RACE Lab; >>> Dept. of Computer Science, UCSB; http://cs.ucsb.edu >>> E-mail: [email protected] <[email protected]>; Mobile: +1 (805) >>> 895-7443 >>> Blog: >>> http://techfeast-hiranya.**blogspot.com<http://techfeast-hiranya.blogspot.com/> >>> >>> >> >> -- >> Hiranya Jayathilaka >> Mayhem Lab/RACE Lab; >> Dept. of Computer Science, UCSB; http://cs.ucsb.edu >> E-mail: [email protected] <[email protected]>; Mobile: +1 (805) >> 895-7443 >> Blog: >> http://techfeast-hiranya.**blogspot.com<http://techfeast-hiranya.blogspot.com/> >> >> > -- Sanjiva Weerawarana, Ph.D. Founder, Director & Chief Scientist; Lanka Software Foundation; http://www.opensource.lk/ Founder, Chairman & CEO; WSO2; http://wso2.com/ Blog: http://sanjiva.weerawarana.org/
