[ https://issues.apache.org/jira/browse/KAFKA-13240?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Viktor Somogyi-Vass updated KAFKA-13240: ---------------------------------------- Labels: cloudera (was: ) > HTTP TRACE should be disabled in Connect > ---------------------------------------- > > Key: KAFKA-13240 > URL: https://issues.apache.org/jira/browse/KAFKA-13240 > Project: Kafka > Issue Type: Improvement > Components: KafkaConnect > Reporter: Viktor Somogyi-Vass > Assignee: Viktor Somogyi-Vass > Priority: Minor > Labels: cloudera > > Modern browsers mostly disable HTTP TRACE to prevent XST (cross-site > tracking) attacks. Because of this usually this type of attack isn't too > prevalent these days but since it isn't disabled in Connect it may open up > possible ways of attacks (and constantly pops up in security scans :) ). > Therefore we'd like to disable it. -- This message was sent by Atlassian Jira (v8.20.7#820007)