httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Henrik Nordstrom <...@squid-cache.org>
Subject Re: vote on concept of ServerTokens Off
Date Wed, 06 Dec 2006 21:31:38 GMT
ons 2006-12-06 klockan 09:38 -0500 skrev Jeff Trawick:

> Why other than ego do we want to make it hard to disable this output?

Technical reason: 

Not advertising the brand and version makes it very hard for clients
(user-agents and proxies) to apply workarounds when needed.

As an example Squid currently has a workaround for how Apache handles
ETag in responses which has been modified by mod_deflate. In future we
hope to be able to disable that for versions known to be fixed.

http://issues.apache.org/bugzilla/show_bug.cgi?id=39727

Not sending the sever name and version will make this harder.

Regards
Henrik

Mime
View raw message