Accepts only the request methods Membrane knows: GET, POST, PUT, PATCH, DELETE, HEAD, OPTIONS, CONNECT, TRACE. Every other method, e.g. the WebDAV verb PROPFIND or a made-up FOOBAR, is answered with 501 Not Implemented. See examples/configuration for a runnable config.
Whether to allow the TRACE HTTP method. TRACE echoes the request back in the response body and is a classic vector for cross-site tracing attacks, so it is rejected unless explicitly allowed.
true
maxLength
false
20
Maximum length of an accepted method. Methods longer than this are rejected.