httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Henrik Nordstrom <>
Subject Re: vote on concept of ServerTokens Off
Date Wed, 06 Dec 2006 21:31:38 GMT
ons 2006-12-06 klockan 09:38 -0500 skrev Jeff Trawick:

> Why other than ego do we want to make it hard to disable this output?

Technical reason: 

Not advertising the brand and version makes it very hard for clients
(user-agents and proxies) to apply workarounds when needed.

As an example Squid currently has a workaround for how Apache handles
ETag in responses which has been modified by mod_deflate. In future we
hope to be able to disable that for versions known to be fixed.

Not sending the sever name and version will make this harder.


View raw message