Re: Disable HTTP TRACE

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

From: Shing Wai Chan <Shing-Wai.Chan_at_Sun.COM>
Date: Mon, 23 Nov 2009 15:59:32 -0800

glassfish_at_javadesktop.org wrote:
> I am using a web security analyzer tool: nikto.
> When I scan GlassFish on my local box, it says HTTP TRACE is enabled.
> When I add the property "traceEnabled" and set it to "false", nikto still reports that HTTP TRACE is enabled.
> Is this the correct way to disable HTTP TRACE?
>
Do you set the property under http-service?
Shing Wai Chan
> [Message sent by forum member 'bmw01281991' ]
>
> http://forums.java.net/jive/thread.jspa?messageID=373057
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail: users-help_at_glassfish.dev.java.net
>
>