Server 標頭描述處理請求的伺服器軟體資訊:也就是產生回應的伺服器資訊。
請避免 Server 值的資訊過度冗長與詳盡,因為它們可能會洩漏實做細節、讓攻擊者容易找到已知安全漏洞並利用之。
| 標頭類型 | Response header |
|---|---|
| Forbidden header name | 否 |
語法
Server: <product>
指令
- <product>
- 處理請求的軟體(或組件)名。語法通常與
User-Agent相似。
How much detail to include is an interesting balance to strike; exposing the OS version is probably a bad idea, as mentioned in the earlier warning about overly-detailed values. However, exposed Apache versions helped browsers work around a bug those versions had with Content-Encoding combined with Range.
示例
Server: Apache/2.4.1 (Unix)
規範
| 規範 | 標題 |
|---|---|
| RFC 7231, section 7.4.2: Server | Hypertext Transfer Protocol (HTTP/1.1):語意化及內容 |
瀏覽器相容性
The compatibility table in this page is generated from structured data. If you'd like to contribute to the data, please check out https://github.com/mdn/browser-compat-data and send us a pull request.
Update compatibility data on GitHub
| Desktop | Mobile | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
Server | Chrome Full support Yes | Edge Full support 12 | Firefox Full support Yes | IE Full support Yes | Opera Full support Yes | Safari Full support Yes | WebView Android Full support Yes | Chrome Android Full support Yes | Firefox Android Full support Yes | Opera Android Full support Yes | Safari iOS Full support Yes | Samsung Internet Android Full support Yes |
Legend
- Full support
- Full support