task-4611 川北剩余高中危漏洞处理

  允许HTTP TRACE / TRACK方法【原理扫描】
      修复，web.xml增加配置security配置

ibps-comp-root/modules/comp-raqsoft-web/src/main/webapp/WEB-INF/web.xml

@@ -302,4 +302,14 @@
 	<session-config>
 		<session-timeout>30</session-timeout>
 	</session-config>
+	<!-- 禁用 TRACE/TRACK方法 -->
+	<security-constraint>
+		<web-resource-collection>
+			<web-resource-name>Deny TRACE/TRACK</web-resource-name>
+			<url-pattern>/*</url-pattern>
+			<http-method>TRACE</http-method>
+			<http-method>TRACK</http-method>
+		</web-resource-collection>
+		<auth-constraint/>
+	</security-constraint>
 </web-app>