diff options
author | Andrew Clayton <a.clayton@nginx.com> | 2023-03-18 16:32:59 +0000 |
---|---|---|
committer | Andrew Clayton <a.clayton@nginx.com> | 2023-04-25 13:59:43 +0100 |
commit | 1a485fed6a8353ecc09e6c0f050e44c0a2d30419 (patch) | |
tree | 7d8b6360f9908a37b0667a173e357c78fd7fd5ff | |
parent | 1fd6eb626baeee94a65b199cd848019e0e6b81b3 (diff) | |
download | unit-1a485fed6a8353ecc09e6c0f050e44c0a2d30419.tar.gz unit-1a485fed6a8353ecc09e6c0f050e44c0a2d30419.tar.bz2 |
Allow to remove the version string in HTTP responses.
Normally Unit responds to HTTP requests by including a header like
Server: Unit/1.30.0
however it can sometimes be beneficial to withhold the version
information and in this case just respond with
Server: Unit
This patch adds a new "settings.http" boolean option called
server_version, which defaults to true, in which case the full version
information is sent. However this can be set to false, e.g
"settings": {
"http": {
"server_version": false
}
},
in which case Unit responds without the version information as the
latter example above shows.
Link: <https://www.ietf.org/rfc/rfc9110.html#section-10.2.4>
Closes: <https://github.com/nginx/unit/issues/158>
Reviewed-by: Alejandro Colomar <alx@nginx.com>
Signed-off-by: Andrew Clayton <a.clayton@nginx.com>
Diffstat (limited to '')
-rw-r--r-- | src/nxt_conf_validation.c | 3 | ||||
-rw-r--r-- | src/nxt_http_request.c | 12 | ||||
-rw-r--r-- | src/nxt_router.c | 8 | ||||
-rw-r--r-- | src/nxt_router.h | 2 |
4 files changed, 22 insertions, 3 deletions
diff --git a/src/nxt_conf_validation.c b/src/nxt_conf_validation.c index 6d798a81..9059b2b3 100644 --- a/src/nxt_conf_validation.c +++ b/src/nxt_conf_validation.c @@ -347,6 +347,9 @@ static nxt_conf_vldt_object_t nxt_conf_vldt_http_members[] = { }, { .name = nxt_string("log_route"), .type = NXT_CONF_VLDT_BOOLEAN, + }, { + .name = nxt_string("server_version"), + .type = NXT_CONF_VLDT_BOOLEAN, }, NXT_CONF_VLDT_END diff --git a/src/nxt_http_request.c b/src/nxt_http_request.c index e78975aa..e53b1ec8 100644 --- a/src/nxt_http_request.c +++ b/src/nxt_http_request.c @@ -622,8 +622,9 @@ void nxt_http_request_header_send(nxt_task_t *task, nxt_http_request_t *r, nxt_work_handler_t body_handler, void *data) { - u_char *p, *end; - nxt_http_field_t *server, *date, *content_length; + u_char *p, *end, *server_string; + nxt_http_field_t *server, *date, *content_length; + nxt_socket_conf_t *skcf; /* * TODO: "Server", "Date", and "Content-Length" processing should be moved @@ -635,7 +636,12 @@ nxt_http_request_header_send(nxt_task_t *task, nxt_http_request_t *r, goto fail; } - nxt_http_field_set(server, "Server", NXT_SERVER); + skcf = r->conf->socket_conf; + server_string = (u_char *) (skcf->server_version ? NXT_SERVER : NXT_NAME); + + nxt_http_field_name_set(server, "Server"); + server->value = server_string; + server->value_length = nxt_strlen(server_string); if (r->resp.date == NULL) { date = nxt_list_zero_add(r->resp.fields); diff --git a/src/nxt_router.c b/src/nxt_router.c index 992cc039..c4e29e3a 100644 --- a/src/nxt_router.c +++ b/src/nxt_router.c @@ -1519,6 +1519,12 @@ static nxt_conf_map_t nxt_router_http_conf[] = { NXT_CONF_MAP_INT8, offsetof(nxt_socket_conf_t, log_route), }, + + { + nxt_string("server_version"), + NXT_CONF_MAP_INT8, + offsetof(nxt_socket_conf_t, server_version), + }, }; @@ -1927,6 +1933,8 @@ nxt_router_conf_create(nxt_task_t *task, nxt_router_temp_conf_t *tmcf, skcf->proxy_send_timeout = 30 * 1000; skcf->proxy_read_timeout = 30 * 1000; + skcf->server_version = 1; + skcf->websocket_conf.max_frame_size = 1024 * 1024; skcf->websocket_conf.read_timeout = 60 * 1000; skcf->websocket_conf.keepalive_interval = 30 * 1000; diff --git a/src/nxt_router.h b/src/nxt_router.h index 64095b69..6f0ba5ad 100644 --- a/src/nxt_router.h +++ b/src/nxt_router.h @@ -201,6 +201,8 @@ typedef struct { uint8_t discard_unsafe_fields; /* 1 bit */ + uint8_t server_version; /* 1 bit */ + nxt_http_forward_t *forwarded; nxt_http_forward_t *client_ip; |