Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Unable to remove `Server` header

See original GitHub issue

Describe the bug

I cannot remove the Server header from the responses.

To Reproduce Steps to reproduce the behavior:

  1. Create the host, service and mapping from the getting started examples
  2. Modify the Mapping
apiVersion: getambassador.io/v2
kind: Mapping
metadata:
  name: quote-backend
  namespace: volker
spec:
  remove_response_headers:
  - x-envoy-upstream-service-time
  - server
  add_response_headers:
    server: MyServerHeaderValue
  prefix: /backend/
  service: quote
  1. curl the response with curl -I https://your-server.org/backend/
  2. See Server header is still there
HTTP/1.1 200 OK
content-type: application/json
date: Fri, 06 Mar 2020 12:10:01 GMT
content-length: 163
server: envoy

Expected behavior Server header value should be MyServerHeaderValue

Versions (please complete the following information):

  • Ambassador: latest
  • Kubernetes environment: bare metal
  • Version latest

Additional context

This is an ongoing issue: https://github.com/datawire/ambassador/issues/307#issuecomment-412501905

[EDIT] I tried all combinations: Removing the server header. Adding a server header (overwriting). Removing the header and adding a new one. All show the same behaviour.

Issue Analytics

  • State:open
  • Created 4 years ago
  • Reactions:8
  • Comments:8

github_iconTop GitHub Comments

5reactions
balixiaocommented, Jun 9, 2020

@riker09 It looks like Envoy doesn’t support removing server header from response. But you can use ambassador Module to change the server value.

apiVersion: getambassador.io/v2
kind: Module
metadata:
  name: ambassador
spec:
  config:
    server_name: MyServerHeaderValue
1reaction
aromero15commented, Aug 10, 2022

Hi, is there any work in progress to add support for this requirement? Removing server name from header response

Read more comments on GitHub >

github_iconTop Results From Across the Web

Unable to remove server header · Issue #13861 - GitHub
First of all, the server header cannot be deleted using the response_headers_to_delete from envoy because this header is manipulated by the ...
Read more >
Cannot remove 'Server' header with request filtering
I need to remove the 'Server' header from all http requests coming to my IIS site due to PCI DSS scanning restrictions.
Read more >
App gateway v2 - unable to remove Server response header ...
App gateway v2 - unable to remove Server response header with response code 501. I'm using Azure Application Gateway v2 to use rewrite...
Read more >
Why can't the "Server" Response Header be removed via web ...
Removing this header is not about preventing dedicated attacker from finding out what software is running. Removing header is measure to stop ...
Read more >
How to Remove the Server Header in IIS 8.5 - Improve & Repeat
If you want to remove this header for all sites on this server, open the IIS Manger and click on the top node...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Ambassador does not properly handling web browser connection coalescing for HTTP/2 connections

Next page

Does Ambassador directly support mTLS?