[
https://issues.apache.org/jira/browse/CXF-8045?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17451221#comment-17451221
]
Freeman Yue Fang commented on CXF-8045:
---------------------------------------
Hi [~reta],
This ticket is for http-undertow transport, and it actually aligns with the
same behaviour as http-jetty(please see CXF-7114, HTTP trace is normally
considered as a security risk since it can leak some sensitive info )
If JAX-RS TCK needs TRACE, probably we can introduce another option to enable
it(but with the default behaviour that disable HTTP trace for CXF endpoint)
Best Regards
Freeman
> Disable HTTP TRACE method on CXF http-undertow transport
> --------------------------------------------------------
>
> Key: CXF-8045
> URL: https://issues.apache.org/jira/browse/CXF-8045
> Project: CXF
> Issue Type: Improvement
> Reporter: Freeman Yue Fang
> Assignee: Freeman Yue Fang
> Priority: Major
> Fix For: 3.2.10, 3.3.3
>
>
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
