Allow to remove the version string in HTTP responses.

Normally Unit responds to HTTP requests by including a header like Server: Unit/1.30.0 however it can sometimes be beneficial to withhold the version information and in this case just respond with Server: Unit This patch adds a new "settings.http" boolean option called server_version, which defaults to true, in which case the full version information is sent. However this can be set to false, e.g "settings": { "http": { "server_version": false } }, in which case Unit responds without the version information as the latter example above shows. Link: <https://www.ietf.org/rfc/rfc9110.html#section-10.2.4> Closes: <https://github.com/nginx/unit/issues/158> Reviewed-by: Alejandro Colomar <alx@nginx.com> Signed-off-by: Andrew Clayton <a.clayton@nginx.com>
2023-03-18 16:32:59 +00:00
parent 1fd6eb626b
commit 1a485fed6a
4 changed files with 22 additions and 3 deletions
--- a/src/nxt_conf_validation.c
+++ b/src/nxt_conf_validation.c
@@ -347,6 +347,9 @@ static nxt_conf_vldt_object_t  nxt_conf_vldt_http_members[] = {
    }, {
        .name       = nxt_string("log_route"),
        .type       = NXT_CONF_VLDT_BOOLEAN,
+    }, {
+        .name       = nxt_string("server_version"),
+        .type       = NXT_CONF_VLDT_BOOLEAN,
    },

    NXT_CONF_VLDT_END
--- a/src/nxt_http_request.c
+++ b/src/nxt_http_request.c
@@ -622,8 +622,9 @@ void
 nxt_http_request_header_send(nxt_task_t *task, nxt_http_request_t *r,
    nxt_work_handler_t body_handler, void *data)
 {
-    u_char            *p, *end;
-    nxt_http_field_t  *server, *date, *content_length;
+    u_char             *p, *end, *server_string;
+    nxt_http_field_t   *server, *date, *content_length;
+    nxt_socket_conf_t  *skcf;

    /*
     * TODO: "Server", "Date", and "Content-Length" processing should be moved
@@ -635,7 +636,12 @@ nxt_http_request_header_send(nxt_task_t *task, nxt_http_request_t *r,
        goto fail;
    }

-    nxt_http_field_set(server, "Server", NXT_SERVER);
+    skcf = r->conf->socket_conf;
+    server_string = (u_char *) (skcf->server_version ? NXT_SERVER : NXT_NAME);
+
+    nxt_http_field_name_set(server, "Server");
+    server->value = server_string;
+    server->value_length = nxt_strlen(server_string);

    if (r->resp.date == NULL) {
        date = nxt_list_zero_add(r->resp.fields);
--- a/src/nxt_router.c
+++ b/src/nxt_router.c
@@ -1519,6 +1519,12 @@ static nxt_conf_map_t  nxt_router_http_conf[] = {
        NXT_CONF_MAP_INT8,
        offsetof(nxt_socket_conf_t, log_route),
    },
+
+    {
+        nxt_string("server_version"),
+        NXT_CONF_MAP_INT8,
+        offsetof(nxt_socket_conf_t, server_version),
+    },
 };


@@ -1927,6 +1933,8 @@ nxt_router_conf_create(nxt_task_t *task, nxt_router_temp_conf_t *tmcf,
            skcf->proxy_send_timeout = 30 * 1000;
            skcf->proxy_read_timeout = 30 * 1000;

+            skcf->server_version = 1;
+
            skcf->websocket_conf.max_frame_size = 1024 * 1024;
            skcf->websocket_conf.read_timeout = 60 * 1000;
            skcf->websocket_conf.keepalive_interval = 30 * 1000;
--- a/src/nxt_router.h
+++ b/src/nxt_router.h
@@ -201,6 +201,8 @@ typedef struct {

    uint8_t                discard_unsafe_fields;  /* 1 bit */

+    uint8_t                server_version;         /* 1 bit */
+
    nxt_http_forward_t     *forwarded;
    nxt_http_forward_t     *client_ip;