Viktor Somogyi-Vass created KAFKA-13240:
-------------------------------------------
Summary: HTTP TRACE should be disabled in Connect
Key: KAFKA-13240
URL: https://issues.apache.org/jira/browse/KAFKA-13240
Project: Kafka
Issue Type: Improvement
Components: KafkaConnect
Reporter: Viktor Somogyi-Vass
Assignee: Viktor Somogyi-Vass
Modern browsers mostly disable HTTP TRACE to prevent XST (cross-site tracking)
attacks. Because of this usually this type of attack isn't too prevalent these
days but since it isn't disabled in Connect it may open up possible ways of
attacks (and constantly pops up in security scans :) ). Therefore we'd like to
disable it.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
