On 16/12/2019 16:06, Christopher Schultz wrote:
Hello all,
I would like to systematically hide a request header to web
applications hosted by Tomcat.
[...]
I took a look at Tomcat's rewrite valve[1] and also at the venerable
url-rewrite[2] and I didn't see any options for munging headers. I
c
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Olivier,
On 12/16/19 06:08, Olivier Jaquemet wrote:
> Hello all,
>
> I would like to systematically hide a request header to web
> applications hosted by Tomcat.
>
> - If Apache HTTPD is used in front of Tomcat, you can use the
> RequestHeader di
On 16/12/2019 12:25, M. Manna wrote:
I would like to systematically hide a request header to web applications
hosted by Tomcat.
"Blanking" or "Unsetting" a header is not the same as "Hiding". By
hiding, you are essentially asking for the Header to be available under
certain elevated privilege or
Oliver,
On Mon, 16 Dec 2019 at 11:09, Olivier Jaquemet
wrote:
> Hello all,
>
> I would like to systematically hide a request header to web applications
> hosted by Tomcat.
>
> "Blanking" or "Unsetting" a header is not the same as "Hiding". By
hiding, you are essentially asking for the Header t
Hello all,
I would like to systematically hide a request header to web applications
hosted by Tomcat.
- If Apache HTTPD is used in front of Tomcat, you can use the
RequestHeader directive [0]:
RequestHeader unset Some-Header-Name
- If NGINX is used in front of Tomcat, you can use the pro
