( )⚙ D3436 hgweb: allow Content-Security-Policy header on 304 responses (issue5844)

This is an archive of the discontinued Mercurial Phabricator instance.

hgweb: allow Content-Security-Policy header on 304 responses (issue5844)
ClosedPublic

Authored by indygreg on Apr 30 2018, 8:37 PM.

Details

Summary

A side-effect of 98baf8dea553 was that the Content-Security-Policy
header was set on all HTTP responses by default. This header wasn't
in our list of allowed headers for HTTP 304 responses. This would
trigger a ProgrammingError when a 304 response was issued via hgwebdir.

This commit adds Content-Security-Policy to the allow list of headers
for 304 responses so we no longer encounter the error.

Diff Detail

Repository
rHG Mercurial
Lint
Lint Skipped
Unit
Unit Tests Skipped

Event Timeline

indygreg created this revision.Apr 30 2018, 8:37 PM
krbullock accepted this revision.May 2 2018, 10:10 PM
krbullock added a subscriber: krbullock.

Queued, thanks.

This revision is now accepted and ready to land.May 2 2018, 10:10 PM
This revision was automatically updated to reflect the committed changes.