Return-Path: Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: (qmail 32125 invoked from network); 14 May 2010 18:43:54 -0000 Received: from unknown (HELO mail.apache.org) (140.211.11.3) by 140.211.11.9 with SMTP; 14 May 2010 18:43:54 -0000 Received: (qmail 27289 invoked by uid 500); 14 May 2010 18:43:50 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 27255 invoked by uid 500); 14 May 2010 18:43:50 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 27245 invoked by uid 99); 14 May 2010 18:43:49 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 14 May 2010 18:43:49 +0000 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of aw@ice-sa.com designates 212.85.38.228 as permitted sender) Received: from [212.85.38.228] (HELO tor.combios.es) (212.85.38.228) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 14 May 2010 18:43:42 +0000 Received: from localhost (localhost [127.0.0.1]) by tor.combios.es (Postfix) with ESMTP id B4F4B226124 for ; Fri, 14 May 2010 20:42:32 +0200 (CEST) Received: from tor.combios.es ([127.0.0.1]) by localhost (tor.combios.es [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9TU6An3RP2dT for ; Fri, 14 May 2010 20:42:32 +0200 (CEST) Received: from [192.168.245.129] (p549E0F84.dip0.t-ipconnect.de [84.158.15.132]) by tor.combios.es (Postfix) with ESMTPA id 6705222611A for ; Fri, 14 May 2010 20:42:32 +0200 (CEST) Message-ID: <4BED99C0.50303@ice-sa.com> Date: Fri, 14 May 2010 20:43:12 +0200 From: =?ISO-8859-1?Q?Andr=E9_Warnier?= Reply-To: Tomcat Users List User-Agent: Thunderbird 2.0.0.23 (Windows/20090812) MIME-Version: 1.0 To: Tomcat Users List Subject: Re: Restrict http methods References: <99C8B2929B39C24493377AC7A121E21F98E49F06E1@USEA-EXCH8.na.uis.unisys.com> <4BEC8B23.3000404@ice-sa.com> <4BECFF1F.1070804@apache.org> <4BED046F.2030601@ice-sa.com> <4BED0683.1070706@apache.org> <4BED3CDC.80403@ice-sa.com> <4BED6C11.7030601@ice-sa.com> <4BED752C.3020700@apache.org> In-Reply-To: <4BED752C.3020700@apache.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org Mark Thomas wrote: ... > > TRACE & PUT could be tested safely but it is hard to test DELETE without > causing some damage if it is permitted. > Well, you could DELETE http://localhost/some-highly-unlikely-url and check if you get a 404, couldn't you ? Although I do remember writing once a URL-checker program and its test suite, where I used domain names like http://unknown-domain.com http://inexistant.com etc.. and be surprised as to how many of those actually do exist. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For additional commands, e-mail: users-help@tomcat.apache.org