[thredds] Remove TDS Version information shown at bottom of page and on Info page.

To: "thredds@xxxxxxxxxxxxxxxx" <thredds@xxxxxxxxxxxxxxxx>
Subject: [thredds] Remove TDS Version information shown at bottom of page and on Info page.
From: "Brown, Mitchell E ERDC-RDE-CHL-MS CIV" <Mitchell.E.Brown@xxxxxxxxxxxxx>
Date: Fri, 3 Sep 2021 14:53:45 +0000

I have security vulnerabilities that I have to address for our TDS instances 
that deal with server version information being displayed.  This occurs on 
EVERY page that comes up in the catalog at the very bottom and looks something 
like this:

      THREDDS Data Server [Version 5.0.0-beta9 - 2021-09-01T02:47:21+0000]   
Documentation

Also, the Info page displays information, such as shown below.
*       Webapp Name: THREDDS Data Server
*       Webapp Version: 5.0.0-beta9

I am temporarily addressing the vulnerability by commenting out a few lines in 
the following files:
-       thredds##5.0.0-beta9/WEB-INF/templates/commonFragments.html
-       
thredds##5.0.0-beta9/WEB-INF/jsp/thredds/server/serverinfo/serverInfo_html.jsp

Is there a better way to do this?  Each time I update the TDS version, I have 
to manually modify these files again.  This is occurring in TDS 5 betas, but 
also was present in TDS 4.x as well.

Thanks,
Mitchell Brown

Follow-Ups:
- Re: [thredds] Remove TDS Version information shown at bottom of page and on Info page.
  - From: Jennifer Oxelson Ganter

2021 messages navigation, sorted by:
1. Thread
2. Subject
3. Author
4. Date
5. ↑ Table Of Contents
Search the thredds archives: