ASF Bugzilla – Full Text Bug Listing
|Summary:||Suggesting a new action for the Header directive: default|
|Product:||Apache httpd-2||Reporter:||Francois Marier <fmarier>|
|Component:||mod_headers||Assignee:||Apache HTTPD Bugs Mailing List <bugs>|
Description Francois Marier 2011-09-18 08:33:49 UTC
To complement the existing "edit" action which will apply a regexp to an existing header, it would be great to have an action which would set a header if one doesn't already exist. It would be a cross between merge/append and set. Possible names for that action: default, ensure, setifempty, setifmissing Here is the use case I have in mind for it: - external application (e.g. using mod_wsgi) usually does not set the X-Content-Security-Policy header - mod_headers sets that header to a very strict value that works for most pages in the application - the application decides to provide its own X-Content-Security-Policy header for those pages where the settings need to be relaxed - mod_headers doesn't do anything if it sees an X-Content-Security-Policy header from the application ( Use case explained in more details at http://feeding.cloud.geek.nz/2011/09/adding-x-content-security-policy.html )
Comment 1 Kevin Locke 2015-10-03 02:21:33 UTC
Unless I am mistaken, this was fixed in httpd 2.4.7 with the introduction of setifempty. Please excuse my preventiveness if marking this bug as RESOLVED/FIXED is inappropriate.