On Fri, Oct 30, 2020, at 05:45, Vincent Pek wrote: > agree on that.. but my company policy states that even for info/low I need to > seek waiver to close it off..
So ... seek a waiver? Or better - get your security team to disable this particular check, since it's both useless (attackers can just probe HTTP methods without asking first) and wrong (RESTful APIs and CORS both use the OPTIONS method). -- Harald -- You received this message because you are subscribed to the Google Groups "Prometheus Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/prometheus-users/d2480160-4a19-4e01-862f-9f077839b45c%40www.fastmail.com.
