Problem denying TRACE http request method

I'm using Traefik 2.10 and I need to block the TRACE request. If I execute the comand

curl -k -v -X TRACE

I can check an html an other configuration.

I have a security middleware with an accessControlAllowMethods configuration in a yaml file. The configuration looks like this:

            - GET
            - POST

But I still can do a curl TRACE request. I was searching an I don't find any solution to block that kind of request.

Does anyone know how to solve that?

Thanks a lot and regards.

Maybe see this issue comment.

Thanks a lot, work like a charm.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.