https://bugzilla.novell.com/show_bug.cgi?id=301380 Summary: disable TRACE/TRACK by default Product: openSUSE 10.3 Version: Beta 1 Platform: Other OS/Version: Other Status: NEW Severity: Enhancement Priority: P5 - None Component: Apache AssignedTo: bnc-team-apache@forge.provo.novell.com ReportedBy: dmueller@novell.com QAContact: qa@suse.de Found By: --- given the medium to high probability in being exploited for XSS attacks, I think our apache configuration should disable the TRACE command by default. aka TraceEnable Off -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.