DO NOT REPLY [Bug 51842] New: Suggesting a new action for the Header directive: default

[bu...@apache.org]

https://issues.apache.org/bugzilla/show_bug.cgi?id=51842

             Bug #: 51842
           Summary: Suggesting a new action for the Header directive:
                    default
           Product: Apache httpd-2
           Version: 2.2-HEAD
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: enhancement
          Priority: P2
         Component: mod_headers
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: fmarier@gmail.com
    Classification: Unclassified


To complement the existing "edit" action which will apply a regexp to an
existing header, it would be great to have an action which would set a header
if one doesn't already exist. It would be a cross between merge/append and set.

Possible names for that action: default, ensure, setifempty, setifmissing

Here is the use case I have in mind for it:

- external application (e.g. using mod_wsgi) usually does not set the
X-Content-Security-Policy header
- mod_headers sets that header to a very strict value that works for most pages
in the application
- the application decides to provide its own X-Content-Security-Policy header
for those pages where the settings need to be relaxed
- mod_headers doesn't do anything if it sees an X-Content-Security-Policy
header from the application

( Use case explained in more details at
http://feeding.cloud.geek.nz/2011/09/adding-x-content-security-policy.html )

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org