Versions Compared

Old Version 2

changes.mady.by.user Unknown User (r.arts)

Saved on

compared with

New Version Current

changes.mady.by.user Unknown User (s.wartenberg)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Block HTTP Methods

If you would like to block certain HTTP request methods in order to minimize security risks, the Blueriq Runtime provides a configuration option to list blocked HTTP requests methods. These methods will be blocked globally. Examples of HTTP request methods that you may want to block include HEAD, OPTIONS or TRACE. By default, no HTTP request methods are blocked. The Blueriq Runtime will respond with status code 405 Method Not Allowed to requests made with a blocked HTTP method.

 

UI Expand
titleJava Runtime

By default nothing is blocked.

The property should be:

Code Block
languagetext
blueriq.security.http.restricted-methods=

To block use:

Code Block
languagetext
blueriq.security.http.restricted-methods=head,options
UI Expand
title.NET Runtime

By default nothing is blocked.

The property should be:

Code Block
languagetext
<webApplication>
  <restricted-methods>
  </restricted-methods>
</webApplication>

 

To block use:

Code Block
languagetext
<webApplication> <restricted-methods> <method value="head"/> <method value="options"/> </restricted-methods> </webApplication>