From 420e6da17a946d007cf4373ceb623e6768ec2eb6 Mon Sep 17 00:00:00 2001
From: anurag <anurag@localhost.localdomain>
Date: Tue, 21 Apr 2020 04:43:07 +0530
Subject: [PATCH] This commit is intended to hide CherryPy name and version,
 from HTTP header 'Server' response.

Fixes: <https://tracker.ceph.com/issues/44935>
Signed-off-by: anurag <abandhu@redhat.com>
(cherry picked from commit 6fea0f2ce861360643b86774fd86391b781c3789)
---
 qa/tasks/mgr/dashboard/test_requests.py   | 6 ++++++
 src/pybind/mgr/dashboard/services/auth.py | 4 ++++
 2 files changed, 10 insertions(+)

diff --git a/qa/tasks/mgr/dashboard/test_requests.py b/qa/tasks/mgr/dashboard/test_requests.py
index 0d9f8d9ba8369..25460914866ad 100644
--- a/qa/tasks/mgr/dashboard/test_requests.py
+++ b/qa/tasks/mgr/dashboard/test_requests.py
@@ -21,3 +21,9 @@ class RequestsTest(DashboardTestCase):
         self.assertHeaders({
             'Content-Type': 'application/json',
         })
+
+    def test_server(self):
+        self._get('/api/summary')
+        self.assertHeaders({
+            'server': 'Ceph-Dashboard'
+        })
\ No newline at end of file
diff --git a/src/pybind/mgr/dashboard/services/auth.py b/src/pybind/mgr/dashboard/services/auth.py
index be5967394d1e9..12cd6978dc8dd 100644
--- a/src/pybind/mgr/dashboard/services/auth.py
+++ b/src/pybind/mgr/dashboard/services/auth.py
@@ -14,6 +14,10 @@ import jwt
 from .access_control import LocalAuthenticator, UserDoesNotExist
 from .. import mgr, logger
 
+cherrypy.config.update({
+    'response.headers.server': 'Ceph-Dashboard'
+    })
+
 
 class JwtManager(object):
     JWT_TOKEN_BLACKLIST_KEY = "jwt_token_black_list"
-- 
2.39.5