glassfish_at_javadesktop.org wrote:
> I am using a web security analyzer tool: nikto.
> When I scan GlassFish on my local box, it says HTTP TRACE is enabled.
> When I add the property "traceEnabled" and set it to "false", nikto still reports that HTTP TRACE is enabled.
> Is this the correct way to disable HTTP TRACE?
>
Do you set the property under http-service?
Shing Wai Chan
> [Message sent by forum member 'bmw01281991' ]
>
> http://forums.java.net/jive/thread.jspa?messageID=373057
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail: users-help_at_glassfish.dev.java.net
>
>