Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Using CodeIgniter General Help Prevent HTTP verb tampering
Prevent HTTP verb tampering
  • Offline skunkbad
    Senior Citizen
  • *****
  • Posts: 1,300
    Threads: 63
    Joined: Oct 2014
    Reputation: 86
#6
07-07-2017, 12:35 AM
(This post was last modified: 07-07-2017, 12:51 AM by skunkbad.)

(07-06-2017, 10:45 PM)june123 Wrote: But the PUT method can be used to introduce malicious codes to the server.

Similarly the DELETE method can be used to remove important files of the application, thus causing denial of service, removal of configuration files etc.

I don't know what kind of server you're using, but that's not standard functionality for Apache or Litespeed. If it was, it would be a major security issue. No good server operating system is going to allow that kind of behavior.

Edit - 
I do see where people are enabling these request methods, because they're asking on stack overflow, and getting answers. Seems to me it's a pretty stupid thing to do ... But then I also think REST sucks too. Just don't enable them, and you've got nothing to worry about.
Expert Website Development - Temecula, CA
Community Auth For CodeIgniter 3
Reply


Messages In This Thread
Prevent HTTP verb tampering - by june123 - 07-06-2017, 01:41 AM
RE: Prevent HTTP verb tampering - by skunkbad - 07-06-2017, 07:43 AM
RE: Prevent HTTP verb tampering - by june123 - 07-06-2017, 07:16 PM
RE: Prevent HTTP verb tampering - by skunkbad - 07-06-2017, 08:38 PM
RE: Prevent HTTP verb tampering - by june123 - 07-06-2017, 10:45 PM
RE: Prevent HTTP verb tampering - by skunkbad - 07-07-2017, 12:35 AM
RE: Prevent HTTP verb tampering - by Narf - 07-07-2017, 02:00 AM
RE: Prevent HTTP verb tampering - by june123 - 07-07-2017, 03:11 AM



Theme © iAndrew 2016 - Forum software by © MyBB