1

i need help on how to disable HTTP methods on my cowboy server.

Tried to search on the internet but eneded up with no solutions

Improve this question
1
  • Me too! OPTIONS is being flagged as a vuln. Can't find out how to disable it Commented May 7, 2020 at 20:04

1 Answer 1

Reset to default
1

The documentation for method gives this example:

init(Req, State) ->
    case lists:member(cowboy_req:method(Req), [<<"GET">>, <<"POST">>]) of
        true -> handle(Req, State);
        false -> method_not_allowed(Req, State)
    end.

You can easily adapt that to be a blacklist instead of a whitelist. For example, to ban OPTIONS and TRACE, you'd do this:

init(Req, State) ->
    case lists:member(cowboy_req:method(Req), [<<"OPTIONS">>, <<"TRACE">>]) of
        false -> handle(Req, State);
        true -> method_not_allowed(Req, State)
    end.
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Awesome. Now I just have no idea if RabbitMQ exposes anything related in their use of it.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.