Feature: Add the traceparent header #813

moxli · 2024-01-03T09:36:22Z

Description

Nikto identifies the "traceparent" header as uncommon.

    "vulnerabilities": [
      {
        "id": "999100",
        "method": "GET",
        "msg": "Uncommon header 'traceparent' found, with contents: 00-be484f8b1ba6ea20ebb8819b6a7cfb72-5120fc279a175459-01.",
        "url": "/"
      }
    ]

The traceparent header is widely used by tracing systems to identify the incoming request and IMHO not uncommon or interesting for the user.

Flagging it makes it hard to deduplicate Nikto findings because it's content changes with every request.

Links/Info

Header description: https://www.w3.org/TR/trace-context/

The text was updated successfully, but these errors were encountered:

moxli added the enhancement label Jan 3, 2024

moxli changed the title ~~Feature: Add the traceparent header~~ Feature: Add tracing headers Jan 3, 2024

moxli changed the title ~~Feature: Add tracing headers~~ Feature: Add the traceparent header Jan 3, 2024

moxli mentioned this issue Jan 10, 2024

Don't report the traceparent header #817

Merged

sullo closed this as completed in #817 Mar 1, 2024

sullo added a commit that referenced this issue Apr 26, 2024

Add traceparent per #813

559f8ab

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Feature: Add the traceparent header #813

Feature: Add the traceparent header #813

moxli commented Jan 3, 2024

Feature: Add the traceparent header #813

Feature: Add the traceparent header #813

Comments

moxli commented Jan 3, 2024

Description

Links/Info