How to remove X-Powered-By header from proxy-conf.js file in angular cli project

Question

I am trying to remove x-powered-by header from response headers in angular cli project.As there is no direct access for express, so how can we remove header from all request's response header. I tried following -

const PROXY_CONFIG = [
 {
   context: [
     '/'
   ],
   secure: false,
   bypass: function (req, res) {
     res.removeHeader('x-powered-by');
   }
 }
];

module.exports = PROXY_CONFIG;

But it worked only for first request, for all other request it didn't work.

I tried following as well but the function doesn't get triggered -

 const PROXY_CONFIG = [
 {
   context: [
     '/'
   ],
   secure: false,
   onProxyRes: function (proxyRes, req, res) {
     delete proxyRes.headers['x-powered-by']; 
   }
 }
];

module.exports = PROXY_CONFIG;

I referred following links -

Angular: add custom HTTP response headers to dev `ng serve`

How set proxy headers in proxy.config.json file for angularcli project

i am facing similar issue , did you find a solution for this, i am trying it using interceptors, This is still not working......(event instanceof HttpResponse) { event = event.clone({ headers: event.headers.delete('x-aspnet-version') .delete('x-powered-by') }); return event; } — Ish
– Ish, Commented May 7, 2020 at 15:41
I think you can do that easily using hemlet.js on express side. — Namdeo Karande
– Namdeo Karande, Commented May 12, 2020 at 11:11

Mr Khan · Accepted Answer · 2020-04-01 20:32:39Z

0

You can remove existing header in Interceptors.

 if (!req.headers.has('X-Powered-By')) {
 req = req.clone({ headers: req.headers.delete('X-Powered-By','xxxxx') });

To Check the current value of the header.

req.headers.get('Accept')

answered Apr 1, 2020 at 20:32

Mr Khan

2,3061 gold badge9 silver badges27 bronze badges

Sign up to request clarification or add additional context in comments.

5 Comments

Namdeo Karande Over a year ago

It is a response header, i think we would need to handle it when sending response right.

Mr Khan Over a year ago

yes but if you didnt had accept to the response header so when fetching it with angular, interceptions can be used for the same task.

Ish Over a year ago

i am trying to do same , but it is not working event = event.clone({ headers: event.headers.delete('x-aspnet-version').delete('x-powered-by') });

Mr Khan Over a year ago

You are doing it wrong req = req.clone({ headers: req.headers.delete(''x-powered-by','x-aspnet-version') });

Ish Over a year ago

i had tried both dint work, finally removed it using server settings to remove headers.

Namdeo Karande · Accepted Answer · 2020-05-06 09:27:12Z

0

It does work for the proxies correctly. So for all the request it was resolved by adding it on express side. Used helmetjs.

const helmet = require('helmet')

app.use(helmet())
app.disable('x-powered-by')

answered May 6, 2020 at 9:27

Namdeo Karande

4031 gold badge4 silver badges21 bronze badges

Collectives™ on Stack Overflow

How to remove X-Powered-By header from proxy-conf.js file in angular cli project

2 Answers 2

5 Comments

Comments

Your Answer

Linked

Hot Network Questions

Collectives™ on Stack Overflow

2 Answers 2

5 Comments

Comments

Your Answer

Sign up or log in

Post as a guest

Linked

Related