There is not switch at the tomcat configuration level?
I know apache has one "" where you can specify to block http
methods...
-peter
-Original Message-
From: Anto Paul [mailto:[EMAIL PROTECTED]
Sent: Monday, June 06, 2005 10:04 PM
To: Tomcat Users List
Subject: Re: Disabling put and delete http methods...
On 6/7/05, Peter Fellwock <[EMAIL PROTECTED]> wrote:
> Tomcat Gurus:
>
>
>
> How can I disable "put" and "delete" http methods?
>
Putting a security constraint in web.xml works. Try this in
applications web.xml. Usually it will be last element in the web.xml.
Disallowed Location
*
DELETE
PUT
*
--
rgds
Anto Paul
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]