SAP Knowledge Base Article - Preview

3080838 - Security issue: servers accepting dangerous HTTP methods OPTIONS, TRACE and/or TRACK

Symptom

In some security penetration testing report, it may mention that the server supports dangerous HTTP methods OPTIONS, TRACE and/or TRACK, and recommend to disable them like:
- Disable the 'TRACE' method on the proxy servers, as well as the origin web/application server.
- Disable the 'OPTIONS' method on the proxy servers, as well as the origin web/application server, if it is not required for other purposes, such as 'CORS' (Cross-Origin Resource Sharing).


Read more...

Product

SAP Commerce Cloud 1811 ; SAP Commerce Cloud 1905 ; SAP Commerce Cloud 2005 ; SAP Commerce Cloud 2011

Keywords

KBA , CEC-COM-CPS-OTH , Other topics , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.