Win a copy of The Little Book of Impediments (e-book only) this week in the Agile and Other Processes forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Web app security, http-method tag

 
Nikunj Kshatriya
Greenhorn
Posts: 7
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I have a query regarding the web app security topic.

If you do not specify the <http-method> tag in the <web-resource-collection> then it means that ALL methods are constrained. Would <http-method>*</http-method> mean the same ? The HFSJ does not mention this case.

Nikunj
 
Sunder Ganapathy
Ranch Hand
Posts: 120
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
'*' will not work. Either you specify each HTTP method you want to restrict or restrict all HTTP methods by not specifying any HTTP method.
 
Nikunj Kshatriya
Greenhorn
Posts: 7
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Have you tried it out ?
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic