-Tim
Mark Lenz wrote:
Our company conducted a security audit and Tomcat was reported as supporting TRACE and TRACK. It said, "It has been shown that servers supporting this method are subject to cross-site-scripting attacks, dubbed XST for 'Cross-Site-Tracing', when used in conjunction with various weaknesses in browsers." I have been assigned the task of turning off this support, but I have searched Google, tomcat-user archives and the Tomcat documentation to no avail. Does anyone know how to disable these methods? Thanks.
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
