1. Security Administration Guide
  2. Disable HTTP TRACE

Disable HTTP TRACE

The HTTP TRACE request method causes data to be returned to the client after it is retrieved by the server. The TRACE process can open up the system to malicious applications that can send the information to a third party site. Therefore, it is recommended that you disable HTTP TRACE. Refer to the security documentation for your application server for more information.