Description
Modern browsers mostly disable HTTP TRACE to prevent XST (cross-site tracking) attacks. Because of this usually this type of attack isn't too prevalent these days but since it isn't disabled in Connect it may open up possible ways of attacks (and constantly pops up in security scans ). Therefore we'd like to disable it.
Attachments
Issue Links
- links to