删除Jetty 9中的HTTP Server标头
[英]Remove the HTTP Server header in Jetty 9
问题描述
This is how you hide the server version in Jetty 8: 
这是您在Jetty 8中隐藏服务器版本的方法:
Server server = new Server(port);
server.setSendServerVersion(false);
How do you do it in Jetty 9? 你是怎么在Jetty 9做的? So now it should look something like this? 所以现在看起来应该是这样的?
HttpConfiguration config = new HttpConfiguration();
config.setSendServerVersion(false);
//TODO: Associate config with server???
Server server = new Server(port);
7 个解决方案
解决方案1
30 2014-04-23 13:06:53
In Jetty 9, you need to configure it on HttpConfiguration: 在Jetty 9中,您需要在HttpConfiguration上配置它:
HttpConfiguration httpConfig = new HttpConfiguration();
httpConfig.setSendServerVersion( false );
HttpConnectionFactory httpFactory = new HttpConnectionFactory( httpConfig );
ServerConnector httpConnector = new ServerConnector( server,httpFactory );
server.setConnectors( new Connector[] { httpConnector } );
解决方案2
23 已采纳 2013-03-28 05:48:31
If worked out some code that seems to work. 如果计算出一些似乎有效的代码。 Not sure if its right, but at least it works (: 不确定它是否正确,但至少它是否有效(:
Server server = new Server(port);
for(Connector y : server.getConnectors()) {
for(ConnectionFactory x : y.getConnectionFactories()) {
if(x instanceof HttpConnectionFactory) {
((HttpConnectionFactory)x).getHttpConfiguration().setSendServerVersion(false);
}
}
}
解决方案3
10 2015-12-05 12:40:34
如果将jetty9用作独立服务器,则可以通过在文件start.ini设置jetty.httpConfig.sendServerVersion=false来禁用服务器签名。
解决方案4
2 2013-03-27 12:34:40
There is now an HttpConfiguration object with that setting on it. 现在有一个HttpConfiguration对象,上面有这个设置。
org.eclipse.jetty.server.HttpConfiguration org.eclipse.jetty.server.HttpConfiguration
Look to the jetty.xml for the section on http configuration section showing how to setup the object and then the jetty-http.xml file which shows how that configuration is used. 查看jetty.xml以获取http配置部分的部分,其中显示了如何设置对象,然后查看jetty-http.xml文件,该文件显示了如何使用该配置。 Remember that the jetty xml files are really just a thin skin over java and work basically the same. 请记住,jetty xml文件实际上只是一个比java更薄的皮肤,并且工作基本相同。
http://git.eclipse.org/c/jetty/org.eclipse.jetty.project.git/tree/jetty-server/src/main/config/etc/jetty.xml http://git.eclipse.org/c/jetty/org.eclipse.jetty.project.git/tree/jetty-server/src/main/config/etc/jetty.xml
http://git.eclipse.org/c/jetty/org.eclipse.jetty.project.git/tree/jetty-server/src/main/config/etc/jetty-http.xml http://git.eclipse.org/c/jetty/org.eclipse.jetty.project.git/tree/jetty-server/src/main/config/etc/jetty-http.xml
解决方案5
1 2015-11-05 01:56:16
Some security analysis software will flag sending the server version in the response header as an issue. 某些安全分析软件会将响应标头中的服务器版本标记为问题。
OP was looking for solution for embedded, but if your Jetty deployment uses the server.ini file, you can simply set jetty.send.server.version=false OP正在寻找嵌入式解决方案,但如果您的Jetty部署使用server.ini文件,则只需设置jetty.send.server.version = false
解决方案6
1 2017-01-26 00:07:50
Lambda-style variant of Jacob's solution (which worked for me): Jacob解决方案的Lambda风格变体(适用于我):
final Server server = new Server(port);
Stream.of(server.getConnectors()).flatMap(connector -> connector.getConnectionFactories().stream())
.filter(connFactory -> connFactory instanceof HttpConnectionFactory)
.forEach(httpConnFactory -> ((HttpConnectionFactory)httpConnFactory).getHttpConfiguration().setSendServerVersion(false));
解决方案7
0 2017-11-03 07:24:35
in jetty9.2 , change this config to false in start.ini 在jetty9.2 ,此配置更改为false的start.ini
# should jetty send the server version header?
jetty.send.server.version=true
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.