Re: [VulnDiscuss] Re: TRACE used to increase the dangerous of XSS.

["Kevin Spett" <kspett () spidynamics com>]

> I am not familiar with any HTTP aware network based firewalls which have
> the ability to see inside of an HTTP request looking for TRACE and then
> deny. Likely because its too much overhead per request. But hey, I could
> be wrong, maybe there is one.

Reverse proxy servers could probably do this pretty easily.



Kevin Spett
SPI Labs
http://www.spidynamics.com/