I want to remove X-Powered-By for Security,Save Bandwidth in ExpressJS(node.js). how to do it? it could be filter(app.use) ?
app.use(function(req,res,next_cb){ /* remove X-Powered-By header */ next_cb(); }
The better way to do it is:
app.disable('x-powered-by');
Note that although the header may appear with capital letters when sent, for app.disable to work properly, x-powered-by must be entirely lower case.
You can also make a middleware to remove any header like so:
app.use(function (req, res, next) {
res.removeHeader("X-Powered-By");
next();
});
See more info on how to remove a header:
http://nodejs.org/api/http.html#http_response_removeheader_name