In some security penetration testing report, it may mention that the server supports dangerous HTTP methods OPTIONS, TRACE and/or TRACK, and recommend to disable them like:
- Disable the 'TRACE' method on the proxy servers, as well as the origin web/application server.
- Disable the 'OPTIONS' method on the proxy servers, as well as the origin web/application server, if it is not required for other purposes, such as 'CORS' (Cross-Origin Resource Sharing).
SAP Commerce Cloud 1811 ; SAP Commerce Cloud 1905 ; SAP Commerce Cloud 2005 ; SAP Commerce Cloud 2011
KBA , CEC-SCC-PLA-PL , Platform , Problem
About this pageThis is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).
Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.