Stripped URL shows Tomcat version information

XMLWordPrintable

    • Type: Suggestion
    • Resolution: Unresolved
    • None
    • Component/s: Tomcat
    • None
    • 2
    • 19

      Issue Summary

      When stripping URL, it shows the tomcat version

      Steps to Reproduce

      The test was done without active login to JIRA, empty browser cache and from an external network (mobile device).

      The used URL is: <jira-base-url>/secure/attachment/

      The system shows information from Tomcat webserver with error 400 (see screenshot).

      Expected Results

      The Tomcat versions should not be visible.

      Actual Results

      The tomcat version is visible

      Workaround

      Customize the Tomcat pages that are in Soy templates format. Soy templates are a templating system for dynamically generating reusable HTML and UI elements in both Java and JavaScript.

      They reside under <JIRA_INSTALL>\atlassian-jira\templates\jira\errors directory.

      https://confluence.atlassian.com/confkb/hide-details-from-tomcat-error-page-1031280138.html

        1. image-2020-01-15-20-18-03-773.png
          image-2020-01-15-20-18-03-773.png
          99 kB

              Assignee:
              Unassigned
              Reporter:
              Adrian Stephen (Inactive)
              Votes:
              7 Vote for this issue
              Watchers:
              13 Start watching this issue

                Created:
                Updated: