[
https://issues.apache.org/jira/browse/ZETACOMP-49?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Alexandre Leblanc updated ZETACOMP-49:
--------------------------------------
Priority: Minor (was: Major)
Description:
Indicate "X-Powered-By:eZ Components MvcTools" in the PHP header and
"User-Agent: eZ Components" in the emails may be a vulnerability for identify a
platform.
For remove the header in the email :
$mail = new ezcMailComposer();
$mail->appendExcludeHeaders(array('User-Agent'));
For replace "X-Powered-By" :
$response->generator="PHP"; //in runResponseFilters method of the controler
was:
Indicate "X-Powered-By:eZ Components MvcTools" in the PHP header and
"User-Agent: eZ Components" in the emails may be a vulnerability for identify a
platform.
Actually, we can replace this value but it's not possible to desactivate this
Header.
Solution for remove and replace the headers.
> "X-Powered-By:eZ Components MvcTools" in the PHP header and "User-Agent: eZ
> Components" in the email header
> -----------------------------------------------------------------------------------------------------------
>
> Key: ZETACOMP-49
> URL: https://issues.apache.org/jira/browse/ZETACOMP-49
> Project: Zeta Components
> Issue Type: Improvement
> Components: Mail, MvcTools
> Reporter: Alexandre Leblanc
> Priority: Minor
>
> Indicate "X-Powered-By:eZ Components MvcTools" in the PHP header and
> "User-Agent: eZ Components" in the emails may be a vulnerability for identify
> a platform.
> For remove the header in the email :
> $mail = new ezcMailComposer();
> $mail->appendExcludeHeaders(array('User-Agent'));
> For replace "X-Powered-By" :
> $response->generator="PHP"; //in runResponseFilters method of the controler
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
