Hi Mark, Thank you for response. Could you please point me to any specific resource / link that would help achieve this? Appreciate your help !
On Tue, Jan 15, 2019 at 4:42 PM Mark Thomas <ma...@apache.org> wrote: > On 15/01/2019 10:43, Ravi Kumar wrote: > > Hi All, > > > > I am facing an issue. It is kind of Security issue as Tomcat's ETag > header > > in Response header can reveal vital info. > > What vital info? The ETag is constructed from the content length and the > last modified date. > > > We want to disable / turnoff this ETag header of Tomcat webserver. > > Referred this link :- > > > https://serverfault.com/questions/232763/how-to-disable-etag-headers-in-tomcat > > but couldn't get success to disable this ETag. > > > > Appreciate your help ! > > The approached described in that link won't work if the response is > sufficiently large that the response has already been committed. You'd > need to wrap the response, override setHeader(String, String) and NO-OP > and calls that try to set the "ETag" header. > > Mark > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
