Apache
/
nifi
mirror of https://github.com/apache/nifi.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

NIFI-7321 - Allow NiFi admins to configure whether Jetty will send the Jetty server version in responses. 

Fixed a checkstyle error.
Added property to nifi.properties.
Changed property to a variable that is set with the pom.xml.
Added setting the version variable to another HTTPConfiguration to fix the version being sent in docs context.
Fixed typo error.

This closes #4192.

Signed-off-by: Andy LoPresto <alopresto@apache.org>
This commit is contained in:
Nathan Gough 2020-04-06 00:08:55 -04:00 committed by Andy LoPresto
parent 6b73ea48bc
commit 302a42185c
No known key found for this signature in database
GPG Key ID: 6EC293152D90B61D
4 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
nifi-commons/nifi-properties/src/main/java/org/apache/nifi/util/NiFiProperties.java
View File

@ -197,6 +197,7 @@ public abstract class NiFiProperties {
public static final String WEB_PROXY_HOST = "nifi.web.proxy.host"; public static final String WEB_PROXY_HOST = "nifi.web.proxy.host";
public static final String WEB_MAX_CONTENT_SIZE = "nifi.web.max.content.size"; public static final String WEB_MAX_CONTENT_SIZE = "nifi.web.max.content.size";
public static final String WEB_MAX_REQUESTS_PER_SECOND = "nifi.web.max.requests.per.second"; public static final String WEB_MAX_REQUESTS_PER_SECOND = "nifi.web.max.requests.per.second";
public static final String WEB_SHOULD_SEND_SERVER_VERSION = "nifi.web.should.send.server.version";
// ui properties // ui properties
public static final String UI_BANNER_TEXT = "nifi.ui.banner.text"; public static final String UI_BANNER_TEXT = "nifi.ui.banner.text";
@ -304,6 +305,7 @@ public abstract class NiFiProperties {
public static final String DEFAULT_FLOW_CONFIGURATION_ARCHIVE_MAX_STORAGE = "500 MB"; public static final String DEFAULT_FLOW_CONFIGURATION_ARCHIVE_MAX_STORAGE = "500 MB";
public static final String DEFAULT_SECURITY_USER_OIDC_CONNECT_TIMEOUT = "5 secs"; public static final String DEFAULT_SECURITY_USER_OIDC_CONNECT_TIMEOUT = "5 secs";
public static final String DEFAULT_SECURITY_USER_OIDC_READ_TIMEOUT = "5 secs"; public static final String DEFAULT_SECURITY_USER_OIDC_READ_TIMEOUT = "5 secs";
public static final String DEFAULT_WEB_SHOULD_SEND_SERVER_VERSION = "true";
// cluster common defaults // cluster common defaults
public static final String DEFAULT_CLUSTER_PROTOCOL_HEARTBEAT_INTERVAL = "5 sec"; public static final String DEFAULT_CLUSTER_PROTOCOL_HEARTBEAT_INTERVAL = "5 sec";
@ -1017,6 +1019,10 @@ public abstract class NiFiProperties {
return getProperty(SECURITY_USER_OIDC_CLAIM_IDENTIFYING_USER, "email").trim(); return getProperty(SECURITY_USER_OIDC_CLAIM_IDENTIFYING_USER, "email").trim();
} }
public boolean shouldSendServerVersion() {
return Boolean.parseBoolean(getProperty(WEB_SHOULD_SEND_SERVER_VERSION, DEFAULT_WEB_SHOULD_SEND_SERVER_VERSION));
}
/** /**
* Returns whether Knox SSO is enabled. * Returns whether Knox SSO is enabled.
* *

1
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-resources/pom.xml
View File

@ -146,6 +146,7 @@
<nifi.web.proxy.host /> <nifi.web.proxy.host />
<nifi.web.max.content.size>20 MB</nifi.web.max.content.size> <nifi.web.max.content.size>20 MB</nifi.web.max.content.size>
<nifi.web.max.requests.per.second>30000</nifi.web.max.requests.per.second> <nifi.web.max.requests.per.second>30000</nifi.web.max.requests.per.second>
<nifi.web.should.send.server.version>true</nifi.web.should.send.server.version>
<!-- nifi.properties: security properties --> <!-- nifi.properties: security properties -->
<nifi.security.keystore /> <nifi.security.keystore />
<nifi.security.keystoreType /> <nifi.security.keystoreType />

1
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-resources/src/main/resources/conf/nifi.properties
View File

@ -154,6 +154,7 @@ nifi.web.proxy.context.path=${nifi.web.proxy.context.path}
nifi.web.proxy.host=${nifi.web.proxy.host} nifi.web.proxy.host=${nifi.web.proxy.host}
nifi.web.max.content.size=${nifi.web.max.content.size} nifi.web.max.content.size=${nifi.web.max.content.size}
nifi.web.max.requests.per.second=${nifi.web.max.requests.per.second} nifi.web.max.requests.per.second=${nifi.web.max.requests.per.second}
nifi.web.should.send.server.version=${nifi.web.should.send.server.version}
# security properties # # security properties #
nifi.sensitive.props.key= nifi.sensitive.props.key=

2
nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-jetty/src/main/java/org/apache/nifi/web/server/JettyServer.java
View File

@ -760,6 +760,7 @@ public class JettyServer implements NiFiServer, ExtensionUiLoader {
final int headerSize = DataUnit.parseDataSize(props.getWebMaxHeaderSize(), DataUnit.B).intValue(); final int headerSize = DataUnit.parseDataSize(props.getWebMaxHeaderSize(), DataUnit.B).intValue();
httpConfiguration.setRequestHeaderSize(headerSize); httpConfiguration.setRequestHeaderSize(headerSize);
httpConfiguration.setResponseHeaderSize(headerSize); httpConfiguration.setResponseHeaderSize(headerSize);
httpConfiguration.setSendServerVersion(props.shouldSendServerVersion());
// Check if both HTTP and HTTPS connectors are configured and fail if both are configured // Check if both HTTP and HTTPS connectors are configured and fail if both are configured
if (bothHttpAndHttpsConnectorsConfigured(props)) { if (bothHttpAndHttpsConnectorsConfigured(props)) {
@ -908,6 +909,7 @@ public class JettyServer implements NiFiServer, ExtensionUiLoader {
final HttpConfiguration httpsConfiguration = new HttpConfiguration(httpConfiguration); final HttpConfiguration httpsConfiguration = new HttpConfiguration(httpConfiguration);
httpsConfiguration.setSecureScheme("https"); httpsConfiguration.setSecureScheme("https");
httpsConfiguration.setSecurePort(port); httpsConfiguration.setSecurePort(port);
httpsConfiguration.setSendServerVersion(props.shouldSendServerVersion());
httpsConfiguration.addCustomizer(new SecureRequestCustomizer()); httpsConfiguration.addCustomizer(new SecureRequestCustomizer());
// build the connector // build the connector