recall - Microsoft Web Services Security Recommendation: Disable HTTP-GET

Mr. FoRK fork_list@hotmail.com
Mon, 1 Apr 2002 10:43:48 -0800


Looks like MS took the page down. Either that or they disabled GET on it...

--old news--

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnnetsec/ht
ml/disHTT.asp?frame=true

Security Recommendation: Disable HTTP-GET and HTTP-POST Protocols for
Production XML Web Services

February 2002

Summary: For security reasons, Web service operators may want to disable the
HTTP-GET and HTTP-POST messaging protocols for XML Web services. Disabling
these protocols will help prevent external Web sites from maliciously
communicating with XML Web services on your intranet. (5 printed pages)