Security Basics mailing list archives
about http method
From: "Monty Ree" <chulmin2 () hotmail com>
Date: Tue, 31 May 2005 02:34:53 +0000
Hello, all.Some documents say to limit some method at apache server to improve security.
So I have some questions about HTTP method.1. first question
When I using CONNECT method, the apache result was different. (config is alike, version is 1.3.26 alike)Some apache : Allow: GET, HEAD, OPTIONS, TRACE
but some apache like below.Allow: GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, PATCH, PROPFIND, PROPPATCH, MKCOL, COPY, MOVE, LOCK, UNLOCK, TRACE
== Why the result is not same? 2. and additional quesiton.I allowed GET,POST,OPTIONS like below, but apache says that TRACE method is allowed too.
What's the relations between OPTIONS and TRACE? <LimitExcept GET POST OPTIONS> Order allow,deny deny from all </LimitExcept> Thanks in advance. _________________________________________________________________싸게 싸게 MSN공동구매 http://www.waawaa.com/cobuy/cobuy_default.asp?siteid=10160
Current thread:
- about http method Monty Ree (May 31)