mirror of https://github.com/apache/nifi.git
NIFI-7321 - Allow NiFi admins to configure whether Jetty will send the Jetty server version in responses.
Fixed a checkstyle error. Added property to nifi.properties. Changed property to a variable that is set with the pom.xml. Added setting the version variable to another HTTPConfiguration to fix the version being sent in docs context. Fixed typo error. This closes #4192. Signed-off-by: Andy LoPresto <alopresto@apache.org>
This commit is contained in:
Nathan Gough
Andy LoPresto
parent
6b73ea48bc
commit
302a42185c
|
|
@ -197,6 +197,7 @@ public abstract class NiFiProperties {
|
|||
public static final String WEB_PROXY_HOST = "nifi.web.proxy.host";
|
||||
public static final String WEB_MAX_CONTENT_SIZE = "nifi.web.max.content.size";
|
||||
public static final String WEB_MAX_REQUESTS_PER_SECOND = "nifi.web.max.requests.per.second";
|
||||
public static final String WEB_SHOULD_SEND_SERVER_VERSION = "nifi.web.should.send.server.version";
|
||||
|
||||
// ui properties
|
||||
public static final String UI_BANNER_TEXT = "nifi.ui.banner.text";
|
||||
|
|
@ -304,6 +305,7 @@ public abstract class NiFiProperties {
|
|||
public static final String DEFAULT_FLOW_CONFIGURATION_ARCHIVE_MAX_STORAGE = "500 MB";
|
||||
public static final String DEFAULT_SECURITY_USER_OIDC_CONNECT_TIMEOUT = "5 secs";
|
||||
public static final String DEFAULT_SECURITY_USER_OIDC_READ_TIMEOUT = "5 secs";
|
||||
public static final String DEFAULT_WEB_SHOULD_SEND_SERVER_VERSION = "true";
|
||||
|
||||
// cluster common defaults
|
||||
public static final String DEFAULT_CLUSTER_PROTOCOL_HEARTBEAT_INTERVAL = "5 sec";
|
||||
|
|
@ -1017,6 +1019,10 @@ public abstract class NiFiProperties {
|
|||
return getProperty(SECURITY_USER_OIDC_CLAIM_IDENTIFYING_USER, "email").trim();
|
||||
}
|
||||
|
||||
public boolean shouldSendServerVersion() {
|
||||
return Boolean.parseBoolean(getProperty(WEB_SHOULD_SEND_SERVER_VERSION, DEFAULT_WEB_SHOULD_SEND_SERVER_VERSION));
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns whether Knox SSO is enabled.
|
||||
*
|
||||
|
|
|
|||
|
|
@ -146,6 +146,7 @@
|
|||
<nifi.web.proxy.host />
|
||||
<nifi.web.max.content.size>20 MB</nifi.web.max.content.size>
|
||||
<nifi.web.max.requests.per.second>30000</nifi.web.max.requests.per.second>
|
||||
<nifi.web.should.send.server.version>true</nifi.web.should.send.server.version>
|
||||
<!-- nifi.properties: security properties -->
|
||||
<nifi.security.keystore />
|
||||
<nifi.security.keystoreType />
|
||||
|
|
|
|||
|
|
@ -154,6 +154,7 @@ nifi.web.proxy.context.path=${nifi.web.proxy.context.path}
|
|||
nifi.web.proxy.host=${nifi.web.proxy.host}
|
||||
nifi.web.max.content.size=${nifi.web.max.content.size}
|
||||
nifi.web.max.requests.per.second=${nifi.web.max.requests.per.second}
|
||||
nifi.web.should.send.server.version=${nifi.web.should.send.server.version}
|
||||
|
||||
# security properties #
|
||||
nifi.sensitive.props.key=
|
||||
|
|
|
|||
|
|
@ -760,6 +760,7 @@ public class JettyServer implements NiFiServer, ExtensionUiLoader {
|
|||
final int headerSize = DataUnit.parseDataSize(props.getWebMaxHeaderSize(), DataUnit.B).intValue();
|
||||
httpConfiguration.setRequestHeaderSize(headerSize);
|
||||
httpConfiguration.setResponseHeaderSize(headerSize);
|
||||
httpConfiguration.setSendServerVersion(props.shouldSendServerVersion());
|
||||
|
||||
// Check if both HTTP and HTTPS connectors are configured and fail if both are configured
|
||||
if (bothHttpAndHttpsConnectorsConfigured(props)) {
|
||||
|
|
@ -908,6 +909,7 @@ public class JettyServer implements NiFiServer, ExtensionUiLoader {
|
|||
final HttpConfiguration httpsConfiguration = new HttpConfiguration(httpConfiguration);
|
||||
httpsConfiguration.setSecureScheme("https");
|
||||
httpsConfiguration.setSecurePort(port);
|
||||
httpsConfiguration.setSendServerVersion(props.shouldSendServerVersion());
|
||||
httpsConfiguration.addCustomizer(new SecureRequestCustomizer());
|
||||
|
||||
// build the connector
|
||||
|
|
|
|||
Loading…
Reference in New Issue