Django: how do I hide the Server [HTTP response header] parameter in a middleware file?

Published 2024-09-27 00:21:35


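In my Django application, the following settings ensure that the response headers have the standard key-value pairs enabled.

However, the "Server" name and version information is still visible by default and needs to be hidden (an exposed server name and version is an OWASP vulnerability).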

middleware.py

class MyAppMiddleware:

    def __init__(self, get_response):
        self.get_response = get_response

    def __call__(self, request):
        response = self.get_response(request)
        response['X-XSS-Protection'] = "1; mode=block"
        return response


class RemoveHeaders(object):           # this method invocation throws error
    def process_response(self, request, response):
        response['Server'] = ''
        return response

As suggested in other posts, the classes from this middleware.py are declared first in the MIDDLEWARE order in settings.py:

MIDDLEWARE = [
    'MyApp.middleware.RemoveHeaders',
    'MyApp.middleware.MyAppMiddleware',
    'django.middleware.security.SecurityMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
]

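The RemoveHeaders() method throws an error: TypeError: RemoveHeaders() takes no arguments. This is because I am not sure which object to pass to this method.

Update: importing the following worked for me.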

from django.utils.deprecation import MiddlewareMixin


# Class to inherit from in RemoveHeaders

class RemoveHeaders(MiddlewareMixin):
    # rest of the code
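
Why the TypeError occurs and what a class that accepts get_response changes, as an added example that is not part of the original post. It is a stdlib-only sketch with no Django import: FakeResponse, view, OldStyleRemoveHeaders, build_chain and try_build are constructed stand-ins, and build_chain is a simplified model of how Django instantiates each MIDDLEWARE entry with the next handler.

```python
# Added example: constructed stand-ins only, runs without Django installed.

class FakeResponse(dict):
    """Constructed stand-in for HttpResponse: headers set via response[name]."""


def view(request):
    # Constructed view whose response carries a server banner.
    resp = FakeResponse()
    resp["Server"] = "WSGIServer/0.2 CPython/3.x"  # constructed sample value
    return resp


class OldStyleRemoveHeaders(object):
    """Shape of the class from the question: nothing accepts get_response."""
    def process_response(self, request, response):
        response["Server"] = ""
        return response


class RemoveHeaders:
    """New-style shape: takes get_response and is itself callable."""
    def __init__(self, get_response):
        self.get_response = get_response

    def __call__(self, request):
        response = self.get_response(request)
        response["Server"] = ""  # blank the banner, as the question does
        return response


def build_chain(middleware_classes, handler):
    """Simplified model of MIDDLEWARE loading: each class is called with the
    next handler, last entry first, so the first entry ends up outermost."""
    for cls in reversed(middleware_classes):
        handler = cls(handler)  # the call that fails for the old-style class
    return handler


def try_build(middleware_classes):
    """Return (chain, None) on success or (None, error message) on TypeError."""
    try:
        return build_chain(middleware_classes, view), None
    except TypeError as exc:
        return None, str(exc)
```

Whether the header finally sent to the client is blank also depends on the WSGI server or reverse proxy in front of Django, so check the actual response on the wire.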
