From: Alex Rousskov <rousskov@measurement-factory.com>
Date: Fri, 19 Aug 2022 18:57:50 +0000 (+0000)
Subject: Honor httpd_suppress_version_string in more contexts (#1121)
X-Git-Tag: SQUID_6_0_1~127
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=c81de627914ae4a943fbedc10e880555b508a059;p=thirdparty%2Fsquid.git

Honor httpd_suppress_version_string in more contexts (#1121)

* HTML "signature" part of generated HTTP responses to URN requests
* Server header in generated HTTP redirect responses
* boundary strings in generated HTTP 206 multipart/byteranges responses

Also document known contexts outside the configuration directive reach.
We may assert that all of them are outside the current "httpd" scope
(implied by the directive name), but admins may not know how we define
that "httpd" scope; being more explicit may reduce surprises.
---

diff --git a/src/HttpReply.cc b/src/HttpReply.cc
index 329dab6065..195dfd136a 100644
--- a/src/HttpReply.cc
+++ b/src/HttpReply.cc
@@ -204,7 +204,7 @@ HttpReply::redirect(Http::StatusCode status, const char *loc)
     HttpHeader *hdr;
     sline.set(Http::ProtocolVersion(), status, nullptr);
     hdr = &header;
-    hdr->putStr(Http::HdrType::SERVER, APP_FULLNAME);
+    hdr->putStr(Http::HdrType::SERVER, visible_appname_string);
     hdr->putTime(Http::HdrType::DATE, squid_curtime);
     hdr->putInt64(Http::HdrType::CONTENT_LENGTH, 0);
     hdr->putStr(Http::HdrType::LOCATION, loc);
diff --git a/src/cf.data.pre b/src/cf.data.pre
index 320ba5d9f4..e0dd174236 100644
--- a/src/cf.data.pre
+++ b/src/cf.data.pre
@@ -7470,7 +7470,10 @@ TYPE: onoff
 DEFAULT: off
 LOC: Config.onoff.httpd_suppress_version_string
 DOC_START
-	Suppress Squid version string info in HTTP headers and HTML error pages.
+	Do not send Squid version string in HTTP metadata and generated content
+	such as HTML error pages. Squid version string is still present in certain
+	SNMP responses, cachemgr.cgi output, squidclient User-Agent request header
+	field, various console output, and cache.log.
 DOC_END
 
 NAME: visible_hostname
diff --git a/src/client_side.cc b/src/client_side.cc
index e262db288c..7867898ede 100644
--- a/src/client_side.cc
+++ b/src/client_side.cc
@@ -793,7 +793,7 @@ String
 ClientHttpRequest::rangeBoundaryStr() const
 {
     const char *key;
-    String b(APP_FULLNAME);
+    String b(visible_appname_string);
     b.append(":",1);
     key = storeEntry()->getMD5Text();
     b.append(key, strlen(key));
diff --git a/src/urn.cc b/src/urn.cc
index 363b8be3b0..5c7907c65e 100644
--- a/src/urn.cc
+++ b/src/urn.cc
@@ -361,7 +361,7 @@ urnHandleReply(void *data, StoreIOBuffer result)
         "<ADDRESS>\n"
         "Generated by %s@%s\n"
         "</ADDRESS>\n",
-        APP_FULLNAME, getMyHostname());
+        visible_appname_string, getMyHostname());
     rep = new HttpReply;
     rep->setHeaders(Http::scFound, nullptr, "text/html", mb->length(), 0, squid_curtime);