Uploaded image for project: 'JBoss Enterprise Application Platform'
  1. JBoss Enterprise Application Platform
  2. JBEAP-14977

[cd.14] Migration - Document removal of response headers from default undertow configuration

    XMLWordPrintable

Details

    Description

      As part of work on WFLY-9947 (https://github.com/wildfly/wildfly/pull/10974/files), there have been removed server headers Server and X-Powered-By which were in default configuration of the server. These changes should be effective since Wildfly 13/EAP EO13.

      To reflect this change, we should probably remove section 2.2.5. Removing Undertow Response Headers in our Server Security Guide.

      This JIRA is to update the Migration Guide with this information.

      • We need to update it with the information about the removal of the response filter headers from the default Undertow configuration.
      • We need update a few configuration examples in 4.5. Web Server Configuration Changes.

      Attachments

        Issue Links

          clones

          Bug - A problem that impairs or prevents the functions of the product. JBEAP-14338 [DOC] Remove section 2.2.5. Removing Undertow Response Headers from server security guide

          • Minor - To be worked after urgent, high, and medium priorities are resolved. This term is chosen when the severity of the issue is low, or the complexity or effort to correct it may be higher, relatively speaking. For low priority issues, known workarounds exist or are not needed due to the trivial effort needed to address the issue.
          • Closed
          is related to

          Task - Represents a small unit of work that is not end-user facing. WINDUPRULE-369 EAP 7.2: Removal of response headers from default undertow configuration

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Dev Complete

          Activity

            People

              sgilda_jira Sande Gilda (Inactive)
              sgilda_jira Sande Gilda (Inactive)
              Jan Stourac Jan Stourac
              Jan Stourac Jan Stourac
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: