Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

have quarkus use user-agent when interacting with systems #27889

Open
maxandersen opened this issue Sep 13, 2022 · 6 comments
Open

have quarkus use user-agent when interacting with systems #27889

maxandersen opened this issue Sep 13, 2022 · 6 comments
Labels
area/amazon-lambda area/amazon-services area/core area/elasticsearch area/google-cloud-functions area/kubernetes kind/enhancement New feature or request

Comments

@maxandersen
Copy link
Member

Description

In #21458 user-agent used when calling amazon lambda apis is set to:

 USER_AGENT_VALUE = String.format(
            "quarkus/%s-%s",
            System.getProperty("java.vendor.version"),
            AbstractLambdaPollLoop.class.getPackage().getImplementationVersion());

and used in http url connection requests allowing Amazon to identify Quarkus usage.

We should do similar for other integrations that allow setting user agent.

Suggestion is to make a config property that defaults to something similar to above but include java.vendor and follow more defacto standard user-agent format.

Something like: "quarkus/2.13.0.Final java/19 (Eclipse Adoptium Temurin-19+36-202208180334)"

Using format: "quarkus/${quarkus.version} java/${java.vm.specification.version} (${java.vendor} ${java.vendor.version})"

Implementation ideas

No response
@maxandersen maxandersen added the kind/enhancement New feature or request label Sep 13, 2022
@geoand
Copy link
Contributor

geoand commented Sep 13, 2022

We should do similar for other integrations that allow setting user agent.

Do you have any such integrations in mind?

@maxandersen
Copy link
Member Author

Do you have any such integrations in mind?

any use of http based apis, i.e. amazon, google, azure, kubernetes/openshift, would be my first thought.

@quarkus-bot
Copy link

quarkus-bot bot commented Sep 29, 2022

/cc @Sanne, @aloubyansky, @geoand, @gsmet, @loicmathieu, @matejvasek, @patriot1burke, @radcortez, @stuartwdouglas

@mfpc
Copy link
Contributor

mfpc commented Feb 6, 2023
edited
Loading

Could anyone confirm if is this correct? Should I change another files? Please let me know
#30934

@geoand
Copy link
Contributor

geoand commented Feb 6, 2023 via email

@mfpc mfpc mentioned this issue Feb 7, 2023
Closed
@sberyozkin
Copy link
Member

sberyozkin commented Feb 28, 2023
edited
Loading

Exposing the fact Quarkus is used should be optional, it is exactly the same type of issue where someone does not want Server: Undertow or similar be reported in responses, we might've had related issues. Otherwise the information leak issues will just follow

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/amazon-lambda area/amazon-services area/core area/elasticsearch area/google-cloud-functions area/kubernetes kind/enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@Sanne @maxandersen @yrodiere @sberyozkin @mfpc @geoand