[SLING-4800] If SlingMainServlet has allowTrace = false, default Allow header shouldn't contain TRACE method - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Minor
Resolution: Won't Fix
Affects Version/s: None
Fix Version/s: None
Component/s: API, Engine
Labels:
None

Description

If the configuration of the SlingMainServlet specifies that the TRACE method isn't allowed, the Allow header in an OPTIONS response from servlets extending the SlingSafeMethodsServlet still contain the TRACE method. This shouldn't be the case. Although technically allowable by the HTTP spec, this behavior isn't ideal

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Justin Edelson

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 11/Jun/15 13:52

Updated:: 12/Apr/23 05:45

Resolved:: 12/Apr/23 05:45