The HTTP options restrict access to HTTP services from specified hosts and from specified interfaces.
If you want to... | Configure the option... |
---|---|
Restrict access to HTTP services | httpd.access |
Enable or disable support for the HTTP TRACE method | httpd.method.trace.enable By default, this option is off. The HTTP TRACE method allows an HTTP client to see what is being received at the other end of the request chain, for debugging purposes. (For more information, see RFC 2616.) However, attackers can leverage the HTTP TRACE method in conjunction with cross-domain browser vulnerabilities to read sensitive header information from third-party domains. For more information, search for Vulnerability Note 867593 in the United States Computer Emergency Readiness Team Vulnerability Notes Database at www.cert.org. |
In the following example, only host Host1 is allowed access through interface e3 to the HTTPD services on storage system Filer1:
Filer1> options httpd.access host=Host1 AND if=e3