Hide "X-Powered-By: Luracast Restler" in response headers

[linux019]

For security reasons is it possible to add option to remove this header?
This info disclosures internal server structure.

[tomahock]

May i sugest if is in production mode hide, else show?

[linux019]

Yes, this header doesn't needed on production servers

2016-01-08 13:39 GMT+02:00 João Pina [email protected]:

May i sugest if is in production mode hide, else show?

—
Reply to this email directly or view it on GitHub
#514 (comment).

[thedotedge]

Restler::addListener('onRespond', function () {
    header('X-Powered-By: google.com');
});

[roydekleijn]

I like to suggest to remove the X-Powered-By header by default.

[roynasser]

This makes sense as we never want to divulge too much info. Leaving on in dev can help diagnose versioning issues...

I have also added (and suggest it for others), adding a unique request ID which can be referenced in logs etc...