summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorAndrew Clayton <a.clayton@nginx.com>2023-03-18 16:32:59 +0000
committerAndrew Clayton <a.clayton@nginx.com>2023-04-25 13:59:43 +0100
commit1a485fed6a8353ecc09e6c0f050e44c0a2d30419 (patch)
tree7d8b6360f9908a37b0667a173e357c78fd7fd5ff
parent1fd6eb626baeee94a65b199cd848019e0e6b81b3 (diff)
downloadunit-1a485fed6a8353ecc09e6c0f050e44c0a2d30419.tar.gz
unit-1a485fed6a8353ecc09e6c0f050e44c0a2d30419.tar.bz2
Allow to remove the version string in HTTP responses.
Normally Unit responds to HTTP requests by including a header like Server: Unit/1.30.0 however it can sometimes be beneficial to withhold the version information and in this case just respond with Server: Unit This patch adds a new "settings.http" boolean option called server_version, which defaults to true, in which case the full version information is sent. However this can be set to false, e.g "settings": { "http": { "server_version": false } }, in which case Unit responds without the version information as the latter example above shows. Link: <https://www.ietf.org/rfc/rfc9110.html#section-10.2.4> Closes: <https://github.com/nginx/unit/issues/158> Reviewed-by: Alejandro Colomar <alx@nginx.com> Signed-off-by: Andrew Clayton <a.clayton@nginx.com>
Diffstat (limited to '')
-rw-r--r--src/nxt_conf_validation.c3
-rw-r--r--src/nxt_http_request.c12
-rw-r--r--src/nxt_router.c8
-rw-r--r--src/nxt_router.h2
4 files changed, 22 insertions, 3 deletions
diff --git a/src/nxt_conf_validation.c b/src/nxt_conf_validation.c
index 6d798a81..9059b2b3 100644
--- a/src/nxt_conf_validation.c
+++ b/src/nxt_conf_validation.c
@@ -347,6 +347,9 @@ static nxt_conf_vldt_object_t nxt_conf_vldt_http_members[] = {
}, {
.name = nxt_string("log_route"),
.type = NXT_CONF_VLDT_BOOLEAN,
+ }, {
+ .name = nxt_string("server_version"),
+ .type = NXT_CONF_VLDT_BOOLEAN,
},
NXT_CONF_VLDT_END
diff --git a/src/nxt_http_request.c b/src/nxt_http_request.c
index e78975aa..e53b1ec8 100644
--- a/src/nxt_http_request.c
+++ b/src/nxt_http_request.c
@@ -622,8 +622,9 @@ void
nxt_http_request_header_send(nxt_task_t *task, nxt_http_request_t *r,
nxt_work_handler_t body_handler, void *data)
{
- u_char *p, *end;
- nxt_http_field_t *server, *date, *content_length;
+ u_char *p, *end, *server_string;
+ nxt_http_field_t *server, *date, *content_length;
+ nxt_socket_conf_t *skcf;
/*
* TODO: "Server", "Date", and "Content-Length" processing should be moved
@@ -635,7 +636,12 @@ nxt_http_request_header_send(nxt_task_t *task, nxt_http_request_t *r,
goto fail;
}
- nxt_http_field_set(server, "Server", NXT_SERVER);
+ skcf = r->conf->socket_conf;
+ server_string = (u_char *) (skcf->server_version ? NXT_SERVER : NXT_NAME);
+
+ nxt_http_field_name_set(server, "Server");
+ server->value = server_string;
+ server->value_length = nxt_strlen(server_string);
if (r->resp.date == NULL) {
date = nxt_list_zero_add(r->resp.fields);
diff --git a/src/nxt_router.c b/src/nxt_router.c
index 992cc039..c4e29e3a 100644
--- a/src/nxt_router.c
+++ b/src/nxt_router.c
@@ -1519,6 +1519,12 @@ static nxt_conf_map_t nxt_router_http_conf[] = {
NXT_CONF_MAP_INT8,
offsetof(nxt_socket_conf_t, log_route),
},
+
+ {
+ nxt_string("server_version"),
+ NXT_CONF_MAP_INT8,
+ offsetof(nxt_socket_conf_t, server_version),
+ },
};
@@ -1927,6 +1933,8 @@ nxt_router_conf_create(nxt_task_t *task, nxt_router_temp_conf_t *tmcf,
skcf->proxy_send_timeout = 30 * 1000;
skcf->proxy_read_timeout = 30 * 1000;
+ skcf->server_version = 1;
+
skcf->websocket_conf.max_frame_size = 1024 * 1024;
skcf->websocket_conf.read_timeout = 60 * 1000;
skcf->websocket_conf.keepalive_interval = 30 * 1000;
diff --git a/src/nxt_router.h b/src/nxt_router.h
index 64095b69..6f0ba5ad 100644
--- a/src/nxt_router.h
+++ b/src/nxt_router.h
@@ -201,6 +201,8 @@ typedef struct {
uint8_t discard_unsafe_fields; /* 1 bit */
+ uint8_t server_version; /* 1 bit */
+
nxt_http_forward_t *forwarded;
nxt_http_forward_t *client_ip;