|
From: | Alexandru Cojocaru |
Subject: | Avoid entities with TRACE request |
Date: | Tue, 27 Aug 2013 18:11:23 +0200 |
User-agent: | Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20130801 Thunderbird/17.0.8 |
RFC2616 forbids an entity within a TRACE request see: https://tools.ietf.org/html/rfc2616#section-9.8 should we do some extra checks inside `http-trace' and avoid such requests? PS: entities are defined here: https://tools.ietf.org/html/rfc2616#section-7 Best regards, Alexandru Cojocaru
[Prev in Thread] | Current Thread | [Next in Thread] |