On 05/02/2017 17:29, Olivier Jaquemet wrote:
[...]
there is one case where the [allowTrace] configuration does not fully
apply response to OPTIONS request for custom servlet (i.e. any non
tomcat servlet inherting from HttpServlet).
In such case the TRACE methods is incorrectly listed in the All
On 05/02/2017 17:29, Olivier Jaquemet wrote:
[...]
To reproduce:
1. deploy the attached war (containg all sources) in a tomcat instance
listening on port 80 (listing on port 80 is required for proper
validation through nmap https-methods script).
The simple test webapp :
https://www.dropbox.
