| Summary: | ServerTokens checking is not complete | ||
|---|---|---|---|
| Product: | Apache httpd-2 | Reporter: | Jackie Zhang <jackie.qq.zhang> |
| Component: | Core | Assignee: | Apache HTTPD Bugs Mailing List <bugs> |
| Status: | NEW --- | ||
| Severity: | minor | CC: | jackie.qq.zhang |
| Priority: | P2 | Keywords: | FixedInTrunk, PatchAvailable |
| Version: | 2.4.3 | ||
| Target Milestone: | --- | ||
| Hardware: | PC | ||
| OS: | Linux | ||
| Attachments: | "harmless" patch which add a log message | ||
thanks for the report. I think we should fail startup here though even in 2.4.x (In reply to comment #1) > thanks for the report. I think we should fail startup here though even in > 2.4.x Thank you, Eric. My concern for failing startup is that it may be inconsistent with the old system behavior, and may cause complaints. I'm fine if httpd uses "Full" and let me know its decision. Afterall, it won't cause severe problems. If you need the fail startup patch, please let me know. |
Created attachment 29650 [details] "harmless" patch which add a log message Hi, This's a configuration related patch. Basically for the "ServerTokens" config directive, any random string will be regarded as the "Full" option. This bugged me when my input has typos, e.g., ServerTokens Mionr What the patch does is to check whether the user input matches any option keyword, and prints out a log message to notify users if their input does not match any keyword. It still uses the "Full" option if none are matched so that it won't affect legacy systems, but only provide verbosity. Thanks, Jackie