Disable Support for TRACE Requests
Though useful for debugging, enabling allowTrace can expose some browsers to an cross-site scripting XSS attack. This can be mitigated by disabling allowTrace in the server.xml file.
Though useful for debugging, enabling allowTrace can expose some browsers to an cross-site scripting XSS attack. This can be mitigated by disabling allowTrace in the server.xml file.