Open conf-test opened 3 years ago
Hi,
I'm security researcher. Thank you for providing this useful docker image! After I set it up, I found the "TRACE" http method are enabled in this repo. This seems to be not recommended as https://www.acunetix.com/vulnerabilities/web/trace-method-is-enabled/ and you can fix with https://www.techstacks.com/howto/disable-tracetrack-in-apache-httpd.html.
If you want, I can create a pull request to help fix it. Please let me what you think. Thanks!
Best, ~cf
Yeah sure, please create a pull request. Thanks
Hi,
I'm security researcher. Thank you for providing this useful docker image! After I set it up, I found the "TRACE" http method are enabled in this repo. This seems to be not recommended as https://www.acunetix.com/vulnerabilities/web/trace-method-is-enabled/ and you can fix with https://www.techstacks.com/howto/disable-tracetrack-in-apache-httpd.html.
If you want, I can create a pull request to help fix it. Please let me what you think. Thanks!
Best, ~cf