X-Powered-By keep showing when I leave it empty in config file #58

hyquoccuong · 2021-01-11T07:24:54Z

In Laravel config/secure-headers.php

    /*
     * X-Powered-By
     *
     * Note: it will not add to response header if the value is empty string.
     */
    'x-powered-by' => '',

But in header it shows

X-Powered-By: PHP/7.2.28

If I change the value:

'x-powered-by'  => config('app.name'),

Header shows:

And if I change the config to

'x-powered-by' => [
    'enable' => false,
],

Now it shows:

I just want to hide/remove it completely or just show one line with set value in config file, could you please let me know how to do that?

The text was updated successfully, but these errors were encountered:

tobias-trozowski · 2021-02-19T20:40:47Z

not sure about your setup and i'm not a lara user but u might check https://www.php.net/manual/en/ini.core.php#ini.expose-php

aesyondu · 2021-03-29T02:48:57Z

I have the same issue. Have you found a workaround @hyquoccuong ?

composer.json (versions):

{
  "bepsvpt/secure-headers": "v6.3.0",
  "laravel/lumen-framework": "v5.8.13",
}

config/secure-headers.php

    /*
     * X-Powered-By
     *
     * Note: it will not add to response header if the value is empty string.
     */

    'x-powered-by' => '',

aesyondu · 2021-03-29T03:14:20Z

Nvm, thanks @tobias-trozowski. In my case it was the php.ini

php -i | grep expose
# expose_php => On => On

expose_php => Off => Off

bepsvpt · 2022-11-19T23:34:23Z

Close due to inactive.

bepsvpt closed this as completed Nov 19, 2022