To simplify things and help our users to be more productive, we have archived the current forum and focus our efforts on helping developers on Stack Overflow. You can post new questions on Stack Overflow or join our Discord channel.
we recently check security of our Vaadin Web Application with a penetration test. Testers report vaadin version informations printed on HTML as a problem. In fact, the main HTML produced contains vaadin version numer in loaded resources name. Testers think this one can be use by a cracker to get specifics bug informations of release and use it to penetrate the application.
Is there any way to obfuscate informations like versions?
What is the Vaadin Team point of view about this problem?