From my understanding, this is an issue of the particular servlet container,
not an issue of JAX-RS.
> -----Original Message-----
> From: Bill Burke [mailto:bburke_at_redhat.com]
> Sent: Dienstag, 21. Mai 2013 14:04
> To: jsr339-experts_at_jax-rs-spec.java.net
> Subject: [jsr339-experts] Re: remove TRACE support
>
> Cross-site tracing is one:
>
> http://www.apacheweek.com/issues/03-01-24#news
>
>
> On 5/18/2013 4:06 AM, Markus KARG wrote:
> > I can't see how we should discuss this without provision of more
> > details on the security problems?
> >
> >> -----Original Message-----
> >> From: Bill Burke [mailto:bburke_at_redhat.com]
> >> Sent: Freitag, 17. Mai 2013 22:30
> >> To: jsr339-experts_at_jax-rs-spec.java.net
> >> Subject: [jsr339-experts] remove TRACE support
> >>
> >> I ran into a problem where our Servlet container does not support
> >> TRACE for security reasons. I'm wondering if we should remove TRACE
> >> support from the API, or, at least make it optional.
> >> --
> >> Bill Burke
> >> JBoss, a division of Red Hat
> >> http://bill.burkecentral.com
> >
>
> --
> Bill Burke
> JBoss, a division of Red Hat
> http://bill.burkecentral.com