[API] X-Powered-By" Express header disabled. Fixes #1036

To improve the security avoiding a possible fingerprinting attack Ref.: http://expressjs.com/en/advanced/best-practice-security.html#at-a-minimum-disable-x-powered-by-header
2025-02-20 17:33:23 +00:00 · 2016-06-21 19:43:09 +02:00 · 2016-06-21 19:43:09 +02:00 · 51079b0252
commit 51079b0252
parent cefb40856b
1 changed files with 2 additions and 0 deletions
--- a/app.js
+++ b/app.js
@ -42,6 +42,8 @@
        process.exit(0);
    }

+    app.disable('x-powered-by');
+
    // Override bundles.json for HTTP requests
    app.use('/' + BUNDLE_FILE, function (req, res) {
        var bundles;