Update Istio server response header to prevent information disclosure.
User Story:
As a PB engineer, I would like to query *.dso.mil
endpoints and not have its response headers include sensitive information. The sensitive information in this context is the proxy server being used. See example pf current behavior below.
tunde@Tunde il2 % curl login.dso.mil -v
* Trying 3.32.3.254...
* TCP_NODELAY set
* Connected to login.dso.mil (3.32.3.254) port 80 (#0)
> GET / HTTP/1.1
> Host: login.dso.mil
> User-Agent: curl/7.64.1
> Accept: */*
>
< HTTP/1.1 301 Moved Permanently
< location: https://login.dso.mil/
< date: Wed, 10 Mar 2021 03:27:00 GMT
< server: istio-envoy
< content-length: 0
<
* Connection #0 to host login.dso.mil left intact
* Closing connection 0
More details on this issue here. Istio issue
**Expected behavior: **
The response header from a request to P1 endpoints should return a value specific to P1 that doesn't expose the proxy server being used.