You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2011/09/18 10:33:49 UTC
DO NOT REPLY [Bug 51842] New: Suggesting a new action for the Header
directive: default
https://issues.apache.org/bugzilla/show_bug.cgi?id=51842
Bug #: 51842
Summary: Suggesting a new action for the Header directive:
default
Product: Apache httpd-2
Version: 2.2-HEAD
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: mod_headers
AssignedTo: bugs@httpd.apache.org
ReportedBy: fmarier@gmail.com
Classification: Unclassified
To complement the existing "edit" action which will apply a regexp to an
existing header, it would be great to have an action which would set a header
if one doesn't already exist. It would be a cross between merge/append and set.
Possible names for that action: default, ensure, setifempty, setifmissing
Here is the use case I have in mind for it:
- external application (e.g. using mod_wsgi) usually does not set the
X-Content-Security-Policy header
- mod_headers sets that header to a very strict value that works for most pages
in the application
- the application decides to provide its own X-Content-Security-Policy header
for those pages where the settings need to be relaxed
- mod_headers doesn't do anything if it sees an X-Content-Security-Policy
header from the application
( Use case explained in more details at
http://feeding.cloud.geek.nz/2011/09/adding-x-content-security-policy.html )
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org