1 Reply Latest reply on Jan 21, 2010 1:20 PM by peterj

    How to disable HTTP DELETE method

    bkokilan Jan 21, 2010 5:00 AM

      We are using JBOSS 4.0.5 version in our project. One of the security vulnerability tools, pointed out a vulnurability saying " Disable the ‘DELETE’ HTTP method" in the application.  May anyone help me out how to solve this issue by doing suitable configuration?

       

      Thanks a lot.

      BKokilan.

      • 3174 Views
      • Tags:
        • 1. Re: How to disable HTTP DELETE method
          peterj
          peterj Jan 21, 2010 1:20 PM (in response to bkokilan)

          The DELETE is handled by each application as it sees fit. In most apps the DELETE is not handled in which case if defaults to the doDelete() method in HttpServlet which returns with a "not supported" error.

           

          Why does the tool you are using think that this is a security issue?

            • Actions