[jira] [Assigned] (LIVY-974) Remove verbose output on Livy UI error pages

Asif Khatri (Jira) Tue, 02 May 2023 02:33:07 -0700


     [ 
https://issues.apache.org/jira/browse/LIVY-974?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Asif Khatri reassigned LIVY-974:
--------------------------------

    Assignee: Asif Khatri

> Remove verbose output on Livy UI error pages
> --------------------------------------------
>
>                 Key: LIVY-974
>                 URL: https://issues.apache.org/jira/browse/LIVY-974
>             Project: Livy
>          Issue Type: Improvement
>          Components: Server
>            Reporter: Asif Khatri
>            Assignee: Asif Khatri
>            Priority: Major
>             Fix For: 0.8.0
>
>         Attachments: image.png
>
>
> On error, the Livy UI shows verbose output on error pages including the Jetty 
> version number. This could be considered as a security vulnerability. We can 
> make it configurable and avoid sending server version details.
> The Jetty version is there in every response header as well:
> {noformat}
> $ curl -v $LIVY_URL/sessions
> ...
> < Server: Jetty(9.4.43.v20210629){noformat}



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Assigned] (LIVY-974) Remove verbose output on Livy UI error pages

Reply via email to