HTTP Dispatcher (httpDispatcher)

HTTP Dispatcher configuration.

Name	Type	Default	Description
appOrContextRootMissingMessage	string		Message to return to the client when the application in the requested URI can not be found.
enableWelcomePage	boolean	true	Enables the default Liberty profile welcome page when no application is bound to a context root of "/". The default value is true.
trustedHeaderOrigin	string	*	Private headers are used by the web server plug-in to provide information about the original request. These headers take precedence over the http Host header, and are used to select a virtual host to service a request. The default value is '*', which will trust incoming private headers from any source. Specify 'none' to disable private headers and rely only on the http Host header, or specify a list of IP addresses to restrict private header processing to specific trusted sources.
trustedSensitiveHeaderOrigin	string	none	Private headers are used by the web server plug-in to provide information about the original request. A subset of these headers are considered sensitive. By default, the value for this property is 'none'. Incoming, sensitive private headers are not trusted from any source. Specify a comma-separated list of IP addresses, such as {1.1.2.2, F:FF:FFF:FFFF:1:11:111:1111} to allow sensitive private header processing for specific trusted sources, or specify '*' to trust incoming sensitive private headers from any source.

Name

Type

Default

Description

appOrContextRootMissingMessage

string

Message to return to the client when the application in the requested URI can not be found.

enableWelcomePage

boolean

true

Enables the default Liberty profile welcome page when no application is bound to a context root of "/". The default value is true.

trustedHeaderOrigin

string

Private headers are used by the web server plug-in to provide information about the original request. These headers take precedence over the http Host header, and are used to select a virtual host to service a request. The default value is '*', which will trust incoming private headers from any source. Specify 'none' to disable private headers and rely only on the http Host header, or specify a list of IP addresses to restrict private header processing to specific trusted sources.

trustedSensitiveHeaderOrigin

string

none

Private headers are used by the web server plug-in to provide information about the original request. A subset of these headers are considered sensitive. By default, the value for this property is 'none'. Incoming, sensitive private headers are not trusted from any source. Specify a comma-separated list of IP addresses, such as {1.1.2.2, F:FF:FFF:FFFF:1:11:111:1111} to allow sensitive private header processing for specific trusted sources, or specify '*' to trust incoming sensitive private headers from any source.