tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier ...@ice-sa.com>
Subject Re: OT Re: Restrict http methods
Date Sat, 15 May 2010 11:25:03 GMT
Pid wrote:
> On 14/05/2010 19:43, André Warnier wrote:
>> Mark Thomas wrote:
>> ...
>>
>>> TRACE & PUT could be tested safely but it is hard to test DELETE without
>>> causing some damage if it is permitted.
>>>
>> Well, you could DELETE http://localhost/some-highly-unlikely-url
>> and check if you get a 404, couldn't you ?
> 
> ... accidentally triggering an obscure bug, which <insert massive FAIL
> here>.
> 
Tomcat being Open Source, there cannot be obscure bugs.  They are all 
very visible.
But I recant.  The request above should have been
DELETE http://localhost/program%20files/internet%20explorer
So that if by any chance it works, one wouldn't lose anything essential.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message