Puma error responses - remove fingerprints to indicate Puma (#3161)

* Puma::Const::ERROR_RESPONSE - remove Server header * Puma::Const::ERROR_RESPONSE - remove response bodies
puma · May 27, 2023 · a434005 · a434005
1 parent 7b7774c
commit a434005
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/lib/puma/const.rb b/lib/puma/const.rb
@@ -125,15 +125,15 @@ module Const
       # Indicate that we couldn't parse the request
       400 => "HTTP/1.1 400 Bad Request\r\n\r\n",
       # The standard empty 404 response for bad requests.  Use Error4040Handler for custom stuff.
-      404 => "HTTP/1.1 404 Not Found\r\nConnection: close\r\nServer: Puma #{PUMA_VERSION}\r\n\r\nNOT FOUND",
+      404 => "HTTP/1.1 404 Not Found\r\nConnection: close\r\n\r\n",
       # The standard empty 408 response for requests that timed out.
-      408 => "HTTP/1.1 408 Request Timeout\r\nConnection: close\r\nServer: Puma #{PUMA_VERSION}\r\n\r\n",
+      408 => "HTTP/1.1 408 Request Timeout\r\nConnection: close\r\n\r\n",
       # Indicate that there was an internal error, obviously.
       500 => "HTTP/1.1 500 Internal Server Error\r\n\r\n",
       # Incorrect or invalid header value
       501 => "HTTP/1.1 501 Not Implemented\r\n\r\n",
       # A common header for indicating the server is too busy.  Not used yet.
-      503 => "HTTP/1.1 503 Service Unavailable\r\n\r\nBUSY"
+      503 => "HTTP/1.1 503 Service Unavailable\r\n\r\n"
     }.freeze
 
     # The basic max request size we'll try to read.