From ab9c37a30c960cbc5e5b72c73a3a315afc4c3920 Mon Sep 17 00:00:00 2001
From: Hans Nilsson
Date: Thu, 16 Apr 2015 16:40:06 +0200
Subject: inets: Add value 'none' in server_tokens config

When the Server header has empty info (or 'none' in config), it is not generated. This is for limiting Banner Grabbing attempts.
---
lib/inets/doc/src/httpd.xml | 3 ++-
lib/inets/src/http_server/httpd_conf.erl | 8 +++++---
lib/inets/src/http_server/httpd_response.erl | 7 +++++--
lib/inets/vsn.mk | 2 +-
4 files changed, 13 insertions(+), 7 deletions(-)
diff --git a/lib/inets/doc/src/httpd.xml b/lib/inets/doc/src/httpd.xml
index 20c8a6b1b1..e40660ab39 100644
--- a/lib/inets/doc/src/httpd.xml
+++ b/lib/inets/doc/src/httpd.xml
@@ -315,7 +315,7 @@ text/plain asc txt
- {server_tokens, prod|major|minor|minimal|os|full|{private, string()}}
+ {server_tokens, none|prod|major|minor|minimal|os|full|{private, string()}}

ServerTokens defines how the value of the server header should look.

@@ -323,6 +323,7 @@ text/plain asc txt here is what the server header string could look like for the different values of server-tokens:

+none                  ""  % A Server: header will not be generated
 prod                  "inets"
 major                 "inets/5"
 minor                 "inets/5.8"
diff --git a/lib/inets/src/http_server/httpd_conf.erl b/lib/inets/src/http_server/httpd_conf.erl
index 78dda794db..dbdc1be272 100644
--- a/lib/inets/src/http_server/httpd_conf.erl
+++ b/lib/inets/src/http_server/httpd_conf.erl
@@ -219,14 +219,14 @@ load("ServerName " ++ ServerName, []) ->
 
 load("ServerTokens " ++ ServerTokens, []) ->
     %% These are the valid *plain* server tokens: 
-    %%     sprod, major, minor, minimum, os, full
+    %%     none, prod, major, minor, minimum, os, full
     %% It can also be a "private" server token: private:
     case string:tokens(ServerTokens, [$:]) of
 	["private", Private] ->
 	    {ok,[], {server_tokens, clean(Private)}};
 	[TokStr] ->
 	    Tok = list_to_atom(clean(TokStr)),
-	    case lists:member(Tok, [prod, major, minor, minimum, os, full]) of
+	    case lists:member(Tok, [none, prod, major, minor, minimum, os, full]) of
 		true ->
 		    {ok,[], {server_tokens, Tok}};
 		false ->
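Review bot: The allowed-token list in the `load("ServerTokens " ++ ServerTokens, [])` clause is a second copy of the list returned by `plain_server_tokens/0` further down in this file, and this commit had to add `none` to both by hand. Calling the helper here, `case lists:member(Tok, plain_server_tokens()) of`, keeps the config-file parser and the other users of that list from drifting apart. Separately, `list_to_atom(clean(TokStr))` runs before the membership test, so every unrecognised token string becomes a permanent atom. The value comes from the operator's config file, so the exposure is small, but comparing the cleaned string against the accepted names before converting would avoid it. The `false` branch of this clause continues outside the hunk.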
@@ -850,6 +850,8 @@ server(full = _ServerTokens) ->
     OS = os_info(full), 
     lists:flatten(
       io_lib:format("~s ~s OTP/~s", [?SERVER_SOFTWARE, OS, OTPRelease]));
+server(none = _ServerTokens) ->
+    "";
 server({private, Server} = _ServerTokens) when is_list(Server) -> 
     %% The user provide its own 
     Server;
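Review bot: The new `server(none)` clause returns `""` without a comment saying that the empty string is a sentinel, yet the `create_header` change in httpd_response.erl in this same commit relies on exactly that value to drop the header. A line such as `%% "" means: do not emit a Server header (see httpd_response:create_header/2)` above the clause would document the contract. `{private, ""}` also passes the `is_list(Server)` guard of the following clause and yields the same sentinel. That matches the commit message's "empty info" wording, but the comment should say so too. The `server/1` function starts and ends outside this hunk.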
@@ -1299,7 +1301,7 @@ ssl_ca_certificate_file(ConfigDB) ->
     end.
 
 plain_server_tokens() ->
-    [prod, major, minor, minimum, os, full].
+    [none, prod, major, minor, minimum, os, full].
 
 error_report(Where,M,F,Error) ->
     error_logger:error_report([{?MODULE, Where}, 
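Review bot: `plain_server_tokens/0`, like the list in the `ServerTokens` clause of `load/2` earlier in this file, spells the value `minimum`, while the httpd.xml line changed in this same commit documents `none|prod|major|minor|minimal|os|full`. Since the commit edits both places, this is a good moment to make them agree. As written, an operator who copies `minimal` from the documentation would presumably fail the membership test, though the rejecting branch is not visible here. If `minimum` is the intended spelling, the documentation line should read `{server_tokens, none|prod|major|minor|minimum|os|full|{private, string()}}`. The trailing `error_report/4` context is cut off at the end of the hunk.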
diff --git a/lib/inets/src/http_server/httpd_response.erl b/lib/inets/src/http_server/httpd_response.erl
index 0895729d05..2fa91d47a0 100644
--- a/lib/inets/src/http_server/httpd_response.erl
+++ b/lib/inets/src/http_server/httpd_response.erl
@@ -287,8 +287,11 @@ create_header(ConfigDb, KeyValueTupleHeaders) ->
     ContentType = "text/html", 
     Server      = server(ConfigDb),
     NewHeaders  = add_default_headers([{"date",         Date},
-				       {"content-type", ContentType},
-				       {"server",       Server}], 
+				       {"content-type", ContentType}
+				       | if Server=="" -> [];
+					    true -> [{"server",       Server}]
+					 end
+				      ], 
 				       KeyValueTupleHeaders),
     lists:map(fun fix_header/1, NewHeaders).
 
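Review bot: The `if Server=="" -> []; true -> [...] end` spliced into the list tail in `create_header` is hard to read and uses `==` where an exact match is meant. A small helper reads better: `server_header("") -> [];` and `server_header(Server) -> [{"server", Server}].`, with the call site becoming `{"content-type", ContentType} | server_header(Server)]`. This hunk only covers headers built by `create_header/2`. Whether other response paths in the server add a Server header on their own is not visible here and should be confirmed, since the banner-suppression goal holds only if every path omits it.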
diff --git a/lib/inets/vsn.mk b/lib/inets/vsn.mk
index e5b63a6446..e9ecb2632a 100644
--- a/lib/inets/vsn.mk
+++ b/lib/inets/vsn.mk
@@ -18,6 +18,6 @@
 # %CopyrightEnd%
 
 APPLICATION = inets
-INETS_VSN   = 5.10.6
+INETS_VSN   = 5.10.7
 PRE_VSN     =
 APP_VSN     = "$(APPLICATION)-$(INETS_VSN)$(PRE_VSN)"
-- 
cgit v1.2.3