Forum Discussion
Why does WAF block HTTP OPTION method
Does the HTTP Option method pose significant security risk to the web application?
- eeCirrus
Hi, May I know what is meant by the "Methods: act as GET" from the screenshot provided?
- zamroni777Nacreous
web browser sometime sends http options request as safety measures for cross domain transaction, e.g. the webpage is opened from domain A but it also has javascript that sends http post request to domain B
http options request is sent to url in domain B.
https://aws.amazon.com/what-is/cross-origin-resource-sharingif you're admin of domain B, then you need to allow http options request.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com