[ https://issues.apache.org/jira/browse/SLING-53?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12553455 ]
Roy T. Fielding commented on SLING-53: -------------------------------------- This needs to be very well documented. Some companies will consider it to be a security hole and will need a way to turn it off (globally). It also must be limited to POST requests. In other words, nobody can tunnel a state-changing operation through GET. > Add request filter for method overwrite > --------------------------------------- > > Key: SLING-53 > URL: https://issues.apache.org/jira/browse/SLING-53 > Project: Sling > Issue Type: New Feature > Components: Core, microsling > Reporter: Felix Meschberger > Fix For: 2.0.0 > > > To allow for method overwrite I suggest to add a request processing Filter > along the lines of the Abdera MethodOverWriteFilter [1] as stipulated by Roy > in [2]. > [1] > http://svn.apache.org/viewvc/incubator/abdera/java/trunk/server/src/main/java/org/apache/abdera/protocol/server/servlet/MethodOverrideFilter.java?view=markup&pathrev=510085 > [2] http://www.mail-archive.com/sling-dev@incubator.apache.org/msg00355.html -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.