On Tuesday 15 January 2002 12:06 pm, joshua goldfarb wrote: > It seems that the DELETE method is enabled on your web server > This is only present on a few of the servers.
If those machines are IIS, that plugin is most likely not a false positive. Here is a quick qay to test manually: 1. Telnet to port 80 on your web server 2. Send the following request OPTIONS / HTTP/1.1<crlf> Host: www.somesite.com<crlf> <crlf> <crlf> <crlf> is the standard carriage return + line feed - what you send when you hit Enter in the telnet client. Look at the response back, is there an Allow: header which contains the DELETE string? Try putting a file on the web server and deleting it. 1. Telnet to the web server on port 80 2. Send the following request: DELETE /test_file.txt HTTP/1.1<crlf> Host: www.somesite.com<crlf> <crlf> <crlf> Now try bring up that file in your browser, does it still exist? Hope this helped , -HD
