[b]-"X-Powered-By: Servlet/3.0" and "X-Powered-By: JSP/2.1"[/b]
Here are the Steps I tried to disable this header field:
1. go to
https://www.mydomain.com:4848/common/index.jsf
2. choose "Configuration"
3. Choose "Network Config"
4. Choose "Network Listeners"
5. Choose i.e. "http-listener-2"
6. Choose tab "HTTP"
7. Uncheck the checkbox "XPowered By:" and safe afterwards + restart server
(just to make sure...)
This is not working!
I still get the following if I call
http://www.mydomain.com
[...]
X-Powered-By: Servlet/3.0
[...]
But if I call
http://www.mydomain.com/index.html then the field "X-Powered-By"
is not available anymore.
This looks like an inconsistency and I would even go further and call this a bug.
[b]- "Server: GlassFish Server Open Source Edition 3.0.1"[/b]
Here are again my steps:
1. go to
https://www.mydomain.com:4848/common/index.jsf
2. Choose "Configuration"
3. Choose "JVM Settings"
4. Choose tab "JVM Options"
5. Click Button "Add JVM Option"
6. Insert the following into the new textfield: -Dproduct.name=""
7. Click "safe" and restart the server
This is also not working!
I still get the following if I call
http://www.mydomain.com
[...]
Server: GlassFish Server Open Source Edition 3.0.1
[...]
But if I call
http://www.mydomain.com/index.html then I get the following:
[...]
Server: ""
[...]
I also would take this as a bug!
Hints:
-Please consider that my index.html file is an hml file that I have directly put
into the docroot (==> no war...)
- If creating a web project and then deploying the war to the server you get
different results then the ones i have explained above. But here also the
results are not consistent and not as expected. Try it yourself and i.e. create
a webapp and place let's say any HelloWorld.jsp file into the root of the war.
I havealso added this description to my bug report at
https://glassfish.dev.java.net/issues/show_bug.cgi?id=13296
[Message sent by forum member 'nabizamani']
http://forums.java.net/jive/thread.jspa?messageID=482050