-
Notifications
You must be signed in to change notification settings - Fork 40.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
default User-Agent header to map to spring.application.name #17041
Comments
That sounds more like a feature, you don't want to have enabled as default. (Information disclosure) |
i can understand the information disclosure argument, but it's not that it's empty currently. Depending on the actual http client used, it can be either the JRE version or something like "apache-http-components" which in my opinion is worse than the application name. If not by default, It would be nice to be able to set/enable via a property. |
Thanks for the suggestion. I don't think we should set the I'm less sure about providing a property to enable the behaviour. However, I'm leaning towards it not being worth it as I doubt it would be all that widely used. Furthermore, Let's see what the rest of the team thinks. |
|
After some discussion we feel like using |
Whether using RestTemplate or WebClientBuilder, would it make sense to use as default
User-Agent
header the value ofspring.application.name
?At the moment i am using a "custom"
RestTemplateCustomizer
that is injecting this header. forRestTemplate
anddefaultHeaders
method forWebClientBuilder
, but i think it makes sense for theUser-Agent
to be set tospring.application.name
by default.The text was updated successfully, but these errors were encountered: