TechQA.

HTTP DELETE and PUT methods are showing during http OPTIONS method request even after disabling

1.3k views Asked by At

I am trying to disable http PUT and DELETE method in webapplication hosted on Apache Tomcat 9 server. Even though web application doesn't accept PUT and DELETE method but whenever I hit the url with OPTIONS method it does show PUT and DELETE method in allowed methods. Things that I have tried to fix it but didn't work so far

  1. Adding security constraint in Tomcat/conf/web.xml file as below enter image description here

  2. Adding security constraint, same as above,in web.xml located inside the app/WEB-INF/web.xml file

  3. I found out that if I hit just tomcat admin url with OPTIONS method it shows only GET, HEAD, POST, OPTIONS as allowed method but when I am appending app uri in it the allowed methods are GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH

The APP url response enter image description here

The server url response

enter image description here

java web-applications tomcat9 http-delete http-put
Original Q&A
0

There are 0 answers

Related Questions in JAVA

Related Questions in WEB-APPLICATIONS

Related Questions in TOMCAT9

Related Questions in HTTP-DELETE

Related Questions in HTTP-PUT

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json

Trending Questions