From ab9c37a30c960cbc5e5b72c73a3a315afc4c3920 Mon Sep 17 00:00:00 2001
From: Hans Nilsson <hans@erlang.org>
Date: Thu, 16 Apr 2015 16:40:06 +0200
Subject: inets: Add value 'none' in server_tokens config

When the Server header has empty info (or 'none' in config), it is not generated.  This is for limiting Banner Grabbing attempts.
---
 lib/inets/src/http_server/httpd_response.erl | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

(limited to 'lib/inets/src/http_server/httpd_response.erl')

diff --git a/lib/inets/src/http_server/httpd_response.erl b/lib/inets/src/http_server/httpd_response.erl
index 0895729d05..2fa91d47a0 100644
--- a/lib/inets/src/http_server/httpd_response.erl
+++ b/lib/inets/src/http_server/httpd_response.erl
@@ -287,8 +287,11 @@ create_header(ConfigDb, KeyValueTupleHeaders) ->
     ContentType = "text/html", 
     Server      = server(ConfigDb),
     NewHeaders  = add_default_headers([{"date",         Date},
-				       {"content-type", ContentType},
-				       {"server",       Server}], 
+				       {"content-type", ContentType}
+				       | if Server=="" -> [];
+					    true -> [{"server",       Server}]
+					 end
+				      ], 
 				       KeyValueTupleHeaders),
     lists:map(fun fix_header/1, NewHeaders).
 
-- 
cgit v1.2.3