Thank you for verifying that ! It helps a lot I know the TRACE and OPTIONS may be a different story - Trace at least can be disabled. I greatly appreciate your response!
On Fri, Aug 8, 2014 at 7:50 PM, Rob Silver <rss...@gmail.com> wrote: > Is it true that by default on a Apache Tomcat 7.025 server RESTFUL verbs > are enabled > as part of the HTTP protocol Tomcat uses? > Anotherwards if I hade a restful web application - perhaps a spring mvc one > would it work out of the box as far as security constraints go? > I have not yet seen any way to control a Tomcat server not to accept > DELETE, PUT etc.. in addition to standard GET / POST http verbs. > mailer-dae...@apache.org > 2:07 PM (5 hours ago) > > >
