Restricting HTTP Methods (Doc ID 2183773.1)

Last updated on SEPTEMBER 21, 2016

Applies to:

Oracle WebCenter Sites - Version 12.2.1.0.0 and later
Information in this document applies to any platform.

Goal

Is it safe to block access to HEAD, PUT and DELETE for all URLs (except REST calls, which need them) as well as OPTIONS, TRACE and CONNECT for all URLs?
 

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms