Dear Sir or Madam, 1. Which version of Jetty is being used within CA APM 10.5.2.99? 2. Is there a configuration that we can add to prevent the web server on EM-MOM (webview) from including the internal IP address within the HTTP Header? During a security scan, found that the Jetty server on our EM-MOM has a security finding, of the internal IP address being included in the HTTP header.
Component : Introscope
Jetty 9 is available from the 10.7.0HF22 build, which comes with SP3.
>is there a way with the Jetty version present to change the 302 (redirect) to use the DNS name instead of the IP address?
Have not found any other way other adding a virtual host name list to web app context. APM uses embedded jetty so adding virtual hosts should be done at the code level.
we can make configurable XML file to added virtual host but it will be an enhancement request.