users@glassfish.java.net

Disable HTTP TRACE

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

From: <glassfish_at_javadesktop.org>
Date: Mon, 23 Nov 2009 15:53:43 PST

I am using a web security analyzer tool: nikto.
When I scan GlassFish on my local box, it says HTTP TRACE is enabled.
When I add the property "traceEnabled" and set it to "false", nikto still reports that HTTP TRACE is enabled.
Is this the correct way to disable HTTP TRACE?
[Message sent by forum member 'bmw01281991' ]

http://forums.java.net/jive/thread.jspa?messageID=373057

This message: [ Message body ]
Next message: Shing Wai Chan: "Re: Disable HTTP TRACE"
Previous message: glassfish_at_javadesktop.org: "Encoding of glassfish"
Next in thread: Shing Wai Chan: "Re: Disable HTTP TRACE"
Reply: Shing Wai Chan: "Re: Disable HTTP TRACE"
Maybe reply: Anissa Lam: "Re: Disable HTTP TRACE"
Reply: glassfish_at_javadesktop.org: "Re: Disable HTTP TRACE"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]