From f3f7e319ae8146b474569c18a2062bee0b1f79d5 Mon Sep 17 00:00:00 2001
From: Blacksmoke16 <yomoejoe@gmail.com>
Date: Wed, 9 May 2018 03:19:59 -0400
Subject: [PATCH] Ability to optionally disable powered-by header (#449)

---
 spec/config_spec.cr       |  4 ++++
 spec/init_handler_spec.cr | 10 ++++++++++
 src/kemal/config.cr       |  1 +
 src/kemal/init_handler.cr |  2 +-
 4 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/spec/config_spec.cr b/spec/config_spec.cr
index ade3633..d9cc05e 100644
--- a/spec/config_spec.cr
+++ b/spec/config_spec.cr
@@ -17,6 +17,10 @@ describe "Config" do
     config.env.should eq "production"
   end
 
+  it "sets default powered_by_header to true" do
+    Kemal.config.powered_by_header.should be_true
+  end
+
   it "sets host binding" do
     config = Kemal.config
     config.host_binding = "127.0.0.1"
diff --git a/spec/init_handler_spec.cr b/spec/init_handler_spec.cr
index d877249..11b7d71 100644
--- a/spec/init_handler_spec.cr
+++ b/spec/init_handler_spec.cr
@@ -19,4 +19,14 @@ describe "Kemal::InitHandler" do
     Kemal::InitHandler::INSTANCE.call(context)
     context.response.headers["X-Powered-By"].should eq "Kemal"
   end
+
+  it "does not initialize context with X-Powered-By: Kemal if disabled" do
+    Kemal.config.powered_by_header = false
+    request = HTTP::Request.new("GET", "/")
+    io = IO::Memory.new
+    response = HTTP::Server::Response.new(io)
+    context = HTTP::Server::Context.new(request, response)
+    Kemal::InitHandler::INSTANCE.call(context)
+    context.response.headers["X-Powered-By"]?.should be_nil
+  end
 end
diff --git a/src/kemal/config.cr b/src/kemal/config.cr
index 0ef8be6..729a9e0 100644
--- a/src/kemal/config.cr
+++ b/src/kemal/config.cr
@@ -22,6 +22,7 @@ module Kemal
     property always_rescue, server : HTTP::Server?, extra_options, shutdown_message
     property serve_static : (Bool | Hash(String, Bool))
     property static_headers : (HTTP::Server::Response, String, File::Stat -> Void)?
+    property powered_by_header : Bool = true
 
     def initialize
       @host_binding = "0.0.0.0"
diff --git a/src/kemal/init_handler.cr b/src/kemal/init_handler.cr
index a098697..881325b 100644
--- a/src/kemal/init_handler.cr
+++ b/src/kemal/init_handler.cr
@@ -7,7 +7,7 @@ module Kemal
     INSTANCE = new
 
     def call(context : HTTP::Server::Context)
-      context.response.headers.add "X-Powered-By", "Kemal"
+      context.response.headers.add "X-Powered-By", "Kemal" if Kemal.config.powered_by_header
       context.response.content_type = "text/html" unless context.response.headers.has_key?("Content-Type")
       call_next context
     end