如何从http响应字段Liferay-Portal,Server中删除http标头?

时间:2012-06-13 10:27:09

标签: java jsp servlets liferay portlet

与liferay一起工作时,总是会说门户作为回应:

Liferay-Portal:Liferay Portal Community Edition 6.1.0 CE (Paton / Build 6100 / January 6, 2012)
Server:GlassFish Server Open Source Edition 3.1.1

如何删除这些信息?

3 个答案:

答案 0 :(得分:3)

无法删除添加到HttpServletResponse对象的标头。解决此问题的唯一方法是Wrapping the HttpServletResponse对象使用Filter并使用您想忽略的标题。

以下是要使用的示例代码,

public class EatHeadersFilters implements Filter
{
   private List<String> headers;
   public void init(FilterConfig filterConfig) throws ServletException
   {
      String headersString = filterConfig.getInitParameter("headers");
      String[] strings = headersString.split(",");
      headers = Arrays.asList(strings);
   }

   public void doFilter(ServletRequest request, ServletResponse response,
         FilterChain filterChain) throws IOException, ServletException
   {
       filterChain.doFilter(request, 
           new HttpServletResponseWrapper((HttpServletResponse) response){
              public void addHeader(String headerName, String headerValue)
              {
                  if(!headers.contains(headerName)){
                   super.addHeader(headerName, headerValue);
                  } else {
                   //eat the header
                  }
              }
         });
    }

   public void destroy()
   {
   }
}

答案 1 :(得分:2)

Ramesh是正确的,但这是纯粹的Servlet实现。请检查界面com.liferay.portal.kernel.servlet.WrapHttpServletResponseFilter。它由同一目的提供。它将在Portlet上下文中起作用。

答案 2 :(得分:2)

您可以在portal-ext.properties中使用以下键来仅显示应用名称和版本(例如社区)

http.header.version.verbosity=partial

不应显示特定版本。

原始资源位于http://arunkumarsrm.blogspot.com/2012/11/liferay-611-ga2-application-security.html

此外,您可以进一步查看以下门票以熟悉所提供的补丁(我还没试过)

http://issues.liferay.com/browse/LPS-2748

http://issues.liferay.com/browse/LPS-9011

* UPD:* 实际上您可以使用以下选项完全禁用服务器信息:

# portal-ext.properties:
http.header.version.verbosity=Liferay Portal Community Edition

并在/tomcat-7.0.27/conf/server.xml

中进行配置
<Connector
  URIEncoding="UTF-8"
  connectionTimeout="20000"
  port="8080"
  protocol="HTTP/1.1"
  redirectPort="8443"
  server="My Server!"
 />

资源:http://tech-annex.blogspot.com/2013/01/hidding-server-signaturebanner.html