jfifth opened a new issue, #15943: URL: https://github.com/apache/dolphinscheduler/issues/15943
### Search before asking - [X] I had searched in the [DSIP](https://github.com/apache/dolphinscheduler/issues/14102) and found no similar DSIP. ### Motivation DS was scanned for TRACE vulnerability。An attacker exploiting a TRACE request, in combination with other browser-side vulnerabilities, could potentially conduct a cross-site scripting attack to obtain sensitive information, such as authentication information in a cookie, which would be used in other types of attacks. ### Design Detail jetty TRACE requests can be disabled via a configuration option ### Compatibility, Deprecation, and Migration Plan _No response_ ### Test Plan _No response_ ### Code of Conduct - [X] I agree to follow this project's [Code of Conduct](https://www.apache.org/foundation/policies/conduct) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
