diff --git a/apps/i2ptunnel/java/src/net/i2p/i2ptunnel/I2PTunnelHTTPServer.java b/apps/i2ptunnel/java/src/net/i2p/i2ptunnel/I2PTunnelHTTPServer.java
index a7e1aee5c..71abc2953 100644
--- a/apps/i2ptunnel/java/src/net/i2p/i2ptunnel/I2PTunnelHTTPServer.java
+++ b/apps/i2ptunnel/java/src/net/i2p/i2ptunnel/I2PTunnelHTTPServer.java
@@ -66,13 +66,18 @@ public class I2PTunnelHTTPServer extends I2PTunnelServer {
private static final String HASH_HEADER = "X-I2P-DestHash";
private static final String DEST64_HEADER = "X-I2P-DestB64";
private static final String DEST32_HEADER = "X-I2P-DestB32";
- private static final String[] CLIENT_SKIPHEADERS = {HASH_HEADER, DEST64_HEADER, DEST32_HEADER};
- private static final String SERVER_HEADER = "Server";
- private static final String X_POWERED_BY_HEADER = "X-Powered-By";
- private static final String X_RUNTIME_HEADER = "X-Runtime"; // Rails
+ /** MUST ALL BE LOWER CASE */
+ private static final String[] CLIENT_SKIPHEADERS = {HASH_HEADER.toLowerCase(Locale.US),
+ DEST64_HEADER.toLowerCase(Locale.US),
+ DEST32_HEADER.toLowerCase(Locale.US)};
+ private static final String DATE_HEADER = "date";
+ private static final String SERVER_HEADER = "server";
+ private static final String X_POWERED_BY_HEADER = "x-powered-by";
+ private static final String X_RUNTIME_HEADER = "x-runtime"; // Rails
// https://httpoxy.org
- private static final String PROXY_HEADER = "Proxy";
- private static final String[] SERVER_SKIPHEADERS = {SERVER_HEADER, X_POWERED_BY_HEADER, X_RUNTIME_HEADER, PROXY_HEADER};
+ private static final String PROXY_HEADER = "proxy";
+ /** MUST ALL BE LOWER CASE */
+ private static final String[] SERVER_SKIPHEADERS = {DATE_HEADER, SERVER_HEADER, X_POWERED_BY_HEADER, X_RUNTIME_HEADER, PROXY_HEADER};
/** timeout for first request line */
private static final long HEADER_TIMEOUT = 15*1000;
/** total timeout for the request and all the headers */
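Review bot: The literals of `SERVER_HEADER`, `X_POWERED_BY_HEADER`, `X_RUNTIME_HEADER` and `PROXY_HEADER` are now lower case, whereas the three `X-I2P-Dest*` constants keep their wire spelling and are lower-cased only when `CLIENT_SKIPHEADERS` is built. If any of the four rewritten constants is also used outside this hunk to emit a header or as a case-sensitive map key, that use silently changes; building `SERVER_SKIPHEADERS` the same way as the client list would avoid that. `DATE_HEADER` is newly stripped without explanation, so a short comment would help, for example `// strip Date so the backend's clock is not exposed to clients`, if that is the intent. The rest of the class is outside the hunk, so other uses of these constants are not visible here.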
@@ -951,6 +956,7 @@ public class I2PTunnelHTTPServer extends I2PTunnelServer {
* @param socket if null, use in as InputStream
* @param in if null, use socket.getInputStream() as InputStream
* @param command out parameter, first line
+ * @param skipHeaders MUST be lower case
* @throws SocketTimeoutException if timeout is reached before newline
* @throws EOFException if EOF is reached before newline
* @throws LineTooLongException if one header too long, or too many headers, or total size too big
@@ -1039,7 +1045,7 @@ public class I2PTunnelHTTPServer extends I2PTunnelServer {
// For outgoing, we remove certain headers to improve anonymity.
boolean skip = false;
for (String skipHeader: skipHeaders) {
- if (skipHeader.toLowerCase(Locale.US).equals(lcName)) {
+ if (skipHeader.equals(lcName)) {
skip = true;
break;
}
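Review bot: With the per-iteration `toLowerCase` removed, `skipHeader.equals(lcName)` fails open: an entry in `skipHeaders` that is not already lower case never matches, so the header is forwarded instead of stripped and nothing reports it. For the client-side list that presumably means a client-supplied `X-I2P-DestHash`-style header could reach the backend, so the contract deserves more than the `@param skipHeaders MUST be lower case` javadoc line added in the previous hunk. Consider validating once at method entry or class initialisation, for example `if (!skipHeader.equals(skipHeader.toLowerCase(Locale.US))) throw new IllegalArgumentException(skipHeader);`. Alternatively, take a `Set<String>` that is built from lower-cased names. The enclosing method starts and ends outside the hunk, so callers other than the two constant arrays cannot be checked from here.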
diff --git a/installer/resources/eepsite/contexts/base-context.xml b/installer/resources/eepsite/contexts/base-context.xml
index 70b681ba5..2604c2527 100644
--- a/installer/resources/eepsite/contexts/base-context.xml
+++ b/installer/resources/eepsite/contexts/base-context.xml
@@ -15,6 +15,11 @@ to serve static html files and images.
org.eclipse.jetty.servlet.Default.cacheControl
max-age=3600,public
+
+
+ org.eclipse.jetty.servlet.Default.dirAllowed
+ false
+
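Review bot: The new `org.eclipse.jetty.servlet.Default.dirAllowed` = `false` entry has no comment saying why listings are off or how an operator turns them back on. Something like `<!-- Directory listings disabled by default so files not linked from a page cannot be enumerated; set to true to re-enable -->` next to it would make the default self-explanatory. This file lives under installer resources, so the setting presumably reaches only fresh installs; if existing eepsite contexts are not migrated they keep listings enabled, which is worth stating in the release notes.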
diff --git a/installer/resources/eepsite/jetty-ssl.xml b/installer/resources/eepsite/jetty-ssl.xml
index 5b4268433..07e864420 100644
--- a/installer/resources/eepsite/jetty-ssl.xml
+++ b/installer/resources/eepsite/jetty-ssl.xml
@@ -269,7 +269,8 @@
false
- true
+ false
+ false
diff --git a/installer/resources/eepsite/jetty.xml b/installer/resources/eepsite/jetty.xml
index dd2be4ddd..294c3dbb3 100644
--- a/installer/resources/eepsite/jetty.xml
+++ b/installer/resources/eepsite/jetty.xml
@@ -117,7 +117,8 @@
false
- true
+ false
+ false