How to disable or replace X-Powered-By header in Sails.js application

Question

When I run Sails.js application, it adds the following HTTP header automatically to every response: X-Powered-By: "Sails <sailsjs.org>".

Is it possible to disable or override it?

Answer 1

Edit your config/http.js and set poweredBy to false:

module.exports.http = {
  middleware: {
    poweredBy: false
  }
}

Since Sails will disable the express X-Powered-By header there is no need to disable it manually.

Answer 2

No need to create a new middleware, You can over ride the poweredBy middleware of Sails.js, for example

module.exports.http = {
  middleware: {
    poweredBy:  function (req, res, next) {
      // or uncomment if you want to replace with your own
      // res.set('X-Powered-By', "Some Great Company");      
      return next();
    }
  }
}

Answer 3

Yes, it's quite possible.

You will need to disable the Sails's middleware called poweredBy and also tell Express.js server not to add it's own header.

Just update your config/http.js configuration file to looks like this:

module.exports.http = {
  middleware: {

    disablePoweredBy: function(request, response, next) {
      var expressApp = sails.hooks.http.app;
      expressApp.disable('x-powered-by');
//    response.set('X-Powered-By', 'One Thousand Hamsters');
      next();
    },

    order: [
//    ...
//    'poweredBy',
      'disablePoweredBy',
//    ...
    ]
  }
};

Here, we are retrieving an instance of Express Application from Sails hooks and then using it's disable() method to set the x-powered-by configuration parameter to false value. That will prevent the header from appearing.

And in order to enable this custom middleware, you will need to add it to the order array. You can just replace poweredBy middleware with disablePoweredBy.

Also, by un-commenting the response.set() method you can set your own header value.