Tomcat中禁用OPTIONS/DELETE等
测试:curl -v -X OPTIONS http://localhost:8080/a/
curl -v -X OPTIONS http://localhost:8080/b.jsp
Tomcat的Web.xml中添加如下配置:
<security-constraint>
<web-resource-collection>
<url-pattern>/*</url-pattern>
<http-method>PUT</http-method>
<http-method>DELETE</http-method>
<http-method>HEAD</http-method>
<http-method>OPTIONS</http-method>
<http-method>TRACE</http-method>
</web-resource-collection>
<auth-constraint></auth-constraint>
</security-constraint>
页:
[1]