technocloud-public/nginx-unit
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Allow to remove the version string in HTTP responses.

Browse Source 
Normally Unit responds to HTTP requests by including a header like

  Server: Unit/1.30.0

however it can sometimes be beneficial to withhold the version
information and in this case just respond with

  Server: Unit

This patch adds a new "settings.http" boolean option called
server_version, which defaults to true, in which case the full version
information is sent. However this can be set to false, e.g

  "settings": {
      "http": {
          "server_version": false
      }
  },

in which case Unit responds without the version information as the
latter example above shows.

Link: <https://www.ietf.org/rfc/rfc9110.html#section-10.2.4>
Closes: <https://github.com/nginx/unit/issues/158>
Reviewed-by: Alejandro Colomar <alx@nginx.com>
Signed-off-by: Andrew Clayton <a.clayton@nginx.com>
This commit is contained in:
Andrew Clayton
2023-03-18 16:32:59 +00:00
parent 1fd6eb626b
commit 1a485fed6a
4 changed files with 22 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/nxt_conf_validation.c
View File

@@ -347,6 +347,9 @@ static nxt_conf_vldt_object_t nxt_conf_vldt_http_members[] = {
}, { }, {
.name = nxt_string("log_route"), .name = nxt_string("log_route"),
.type = NXT_CONF_VLDT_BOOLEAN, .type = NXT_CONF_VLDT_BOOLEAN,
}, {
.name = nxt_string("server_version"),
.type = NXT_CONF_VLDT_BOOLEAN,
}, },
NXT_CONF_VLDT_END NXT_CONF_VLDT_END

10
src/nxt_http_request.c
View File

@@ -622,8 +622,9 @@ void
nxt_http_request_header_send(nxt_task_t *task, nxt_http_request_t *r, nxt_http_request_header_send(nxt_task_t *task, nxt_http_request_t *r,
nxt_work_handler_t body_handler, void *data) nxt_work_handler_t body_handler, void *data)
{ {
u_char *p, *end; u_char *p, *end, *server_string;
nxt_http_field_t *server, *date, *content_length; nxt_http_field_t *server, *date, *content_length;
nxt_socket_conf_t *skcf;
/* /*
* TODO: "Server", "Date", and "Content-Length" processing should be moved * TODO: "Server", "Date", and "Content-Length" processing should be moved
@@ -635,7 +636,12 @@ nxt_http_request_header_send(nxt_task_t *task, nxt_http_request_t *r,
goto fail; goto fail;
} }
nxt_http_field_set(server, "Server", NXT_SERVER); skcf = r->conf->socket_conf;
server_string = (u_char *) (skcf->server_version ? NXT_SERVER : NXT_NAME);
nxt_http_field_name_set(server, "Server");
server->value = server_string;
server->value_length = nxt_strlen(server_string);
if (r->resp.date == NULL) { if (r->resp.date == NULL) {
date = nxt_list_zero_add(r->resp.fields); date = nxt_list_zero_add(r->resp.fields);

8
src/nxt_router.c
View File

@@ -1519,6 +1519,12 @@ static nxt_conf_map_t nxt_router_http_conf[] = {
NXT_CONF_MAP_INT8, NXT_CONF_MAP_INT8,
offsetof(nxt_socket_conf_t, log_route), offsetof(nxt_socket_conf_t, log_route),
}, },
{
nxt_string("server_version"),
NXT_CONF_MAP_INT8,
offsetof(nxt_socket_conf_t, server_version),
},
}; };
@@ -1927,6 +1933,8 @@ nxt_router_conf_create(nxt_task_t *task, nxt_router_temp_conf_t *tmcf,
skcf->proxy_send_timeout = 30 * 1000; skcf->proxy_send_timeout = 30 * 1000;
skcf->proxy_read_timeout = 30 * 1000; skcf->proxy_read_timeout = 30 * 1000;
skcf->server_version = 1;
skcf->websocket_conf.max_frame_size = 1024 * 1024; skcf->websocket_conf.max_frame_size = 1024 * 1024;
skcf->websocket_conf.read_timeout = 60 * 1000; skcf->websocket_conf.read_timeout = 60 * 1000;
skcf->websocket_conf.keepalive_interval = 30 * 1000; skcf->websocket_conf.keepalive_interval = 30 * 1000;

2
src/nxt_router.h
View File

@@ -201,6 +201,8 @@ typedef struct {
uint8_t discard_unsafe_fields; /* 1 bit */ uint8_t discard_unsafe_fields; /* 1 bit */
uint8_t server_version; /* 1 bit */
nxt_http_forward_t *forwarded; nxt_http_forward_t *forwarded;
nxt_http_forward_t *client_ip; nxt_http_forward_t *client_ip;