Vaibhav Joshi created CALCITE-6280: -------------------------------------- Summary: The Jetty's version number leak occurred while using the query sever Key: CALCITE-6280 URL: https://issues.apache.org/jira/browse/CALCITE-6280 Project: Calcite Issue Type: Bug Components: avatica Reporter: Vaibhav Joshi Assignee: Vaibhav Joshi
Unauthorised access to HTTP server using curl returns the Jerry server version. See sample response below {code:java} <html> <head> <meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1"/> <title>Error 401 Unauthorized</title> </head> <body><h2>HTTP ERROR 401 Unauthorized</h2> <table> <tr><th>URI:</th><td>/</td></tr> <tr><th>STATUS:</th><td>401</td></tr> <tr><th>MESSAGE:</th><td>Unauthorized</td></tr> <tr><th>SERVLET:</th><td>-</td></tr> </table> <hr/><a href="https://eclipse.org/jetty">Powered by Jetty:// 9.4.44.v20210927</a><hr/> </body> </html> {code} For security reason, it's not advisable to return server version in the response. -- This message was sent by Atlassian Jira (v8.20.10#820010)