This content has been marked as final.
Show 3 replies
-
1. Re: Disable Trace or Track on Wildfly 9.0.2 Final to mitigate Vulnerability Issue
ptyagi_redhat.com Oct 25, 2017 2:19 AM (in response to jmart537)You can disable TRACE and TRACK http-methods in your application WEB-INF/web.xml .
-
2. Re: Disable Trace or Track on Wildfly 9.0.2 Final to mitigate Vulnerability Issue
jmart537 Oct 25, 2017 2:39 AM (in response to jmart537)Hi Priyanka Tyagi,
Can you share with me what to configure in the web.xml file so that i can just disable both above?
Great if you do that.
Regards
-
3. Re: Disable Trace or Track on Wildfly 9.0.2 Final to mitigate Vulnerability Issue
ptyagi_redhat.com Oct 25, 2017 11:41 AM (in response to jmart537)The configuration will be like below:
<security-constraint>
<web-resource-collection>
<url-pattern>/*</url-pattern>
<http-method>TRACE</http-method>
<http-method>TRACK</http-method>
</web-resource-collection>
<auth-constraint/>
</security-constraint>