remm 2004/01/10 09:24:31
Modified: catalina/src/conf web.xml
Log:
- Disable trace by default.
Revision Changes Path
1.29 +12 -0 jakarta-tomcat-catalina/catalina/src/conf/web.xml
Index: web.xml
===================================================================
RCS file: /home/cvs/jakarta-tomcat-catalina/catalina/src/conf/web.xml,v
retrieving revision 1.28
retrieving revision 1.29
diff -u -r1.28 -r1.29
--- web.xml 19 Dec 2003 18:58:31 -0000 1.28
+++ web.xml 10 Jan 2004 17:24:31 -0000 1.29
@@ -345,6 +345,18 @@
-->
+ <!-- ======================= Disable TRACE by default =================== -->
+
+ <security-constraint>
+ <web-resource-collection>
+ <web-resource-name>DisableExploitTraceHTTP</web-resource-name>
+ <url-pattern>/*</url-pattern>
+ <http-method>TRACE</http-method>
+ </web-resource-collection>
+ <auth-constraint/>
+ </security-constraint>
+
+
<!-- ==================== Default Session Configuration ================= -->
<!-- You can set the default session timeout (in minutes) for all newly -->
<!-- created sessions by modifying the value below. -->
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
