mirror of
https://gitlab.alpinelinux.org/alpine/aports.git
synced 2025-06-04 08:55:20 +02:00
72 lines
2.4 KiB
Diff
72 lines
2.4 KiB
Diff
From: Jakub Jirutka <jakub@jirutka.cz>
|
|
Date: Sun, 20 Apr 2025 15:07:00 +0200
|
|
Subject: [PATCH] Don't expose server name and version
|
|
|
|
Remove "Server" header from responses and make the error page as
|
|
generic as possible to avoid identification by potential attackers.
|
|
|
|
--- a/libhttpd.c
|
|
+++ b/libhttpd.c
|
|
@@ -649,8 +649,8 @@
|
|
(void) my_snprintf(
|
|
fixed_type, sizeof(fixed_type), type, hc->hs->charset );
|
|
(void) my_snprintf( buf, sizeof(buf),
|
|
- "%.20s %d %s\015\012Server: %s\015\012Content-Type: %s\015\012Date: %s\015\012Last-Modified: %s\015\012Accept-Ranges: bytes\015\012Connection: close\015\012",
|
|
- hc->protocol, status, title, EXPOSED_SERVER_SOFTWARE, fixed_type,
|
|
+ "%.20s %d %s\015\012Content-Type: %s\015\012Date: %s\015\012Last-Modified: %s\015\012Accept-Ranges: bytes\015\012Connection: close\015\012",
|
|
+ hc->protocol, status, title, fixed_type,
|
|
nowbuf, modbuf );
|
|
add_response( hc, buf );
|
|
s100 = status / 100;
|
|
@@ -745,31 +745,19 @@
|
|
hc, status, title, "", extraheads, "text/html; charset=%s", (off_t) -1,
|
|
(time_t) 0 );
|
|
(void) my_snprintf( buf, sizeof(buf), "\
|
|
-<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" \"http://www.w3.org/TR/html4/loose.dtd\">\n\
|
|
-\n\
|
|
+<!doctype html>\n\
|
|
<html>\n\
|
|
-\n\
|
|
<head>\n\
|
|
- <meta http-equiv=\"Content-type\" content=\"text/html;charset=UTF-8\">\n\
|
|
+ <meta charset=\"utf-8\">\n\
|
|
<title>%d %s</title>\n\
|
|
</head>\n\
|
|
-\n\
|
|
- <body bgcolor=\"#cc9999\" text=\"#000000\" link=\"#2020ff\" vlink=\"#4040cc\">\n\
|
|
-\n\
|
|
- <h2>%d %s</h2>\n",
|
|
+ <body>\n\
|
|
+ <center><h1>%d %s</h1></center>\n",
|
|
status, title, status, title );
|
|
add_response( hc, buf );
|
|
defang( arg, defanged_arg, sizeof(defanged_arg) );
|
|
(void) my_snprintf( buf, sizeof(buf), form, defanged_arg );
|
|
add_response( hc, buf );
|
|
- if ( match( "**MSIE**", hc->useragent ) )
|
|
- {
|
|
- int n;
|
|
- add_response( hc, "<!--\n" );
|
|
- for ( n = 0; n < 6; ++n )
|
|
- add_response( hc, "Padding so that MSIE deigns to show this error instead of its own canned one.\n");
|
|
- add_response( hc, "-->\n" );
|
|
- }
|
|
send_response_tail( hc );
|
|
}
|
|
|
|
@@ -780,14 +768,8 @@
|
|
char buf[1000];
|
|
|
|
(void) my_snprintf( buf, sizeof(buf), "\
|
|
- <hr>\n\
|
|
-\n\
|
|
- <address><a href=\"%s\">%s</a></address>\n\
|
|
-\n\
|
|
</body>\n\
|
|
-\n\
|
|
-</html>\n",
|
|
- SERVER_ADDRESS, EXPOSED_SERVER_SOFTWARE );
|
|
+</html>\n");
|
|
add_response( hc, buf );
|
|
}
|
|
|