( )⚙ D3436 hgweb: allow Content-Security-Policy header on 304 responses (issue5844)

This is an archive of the discontinued Mercurial Phabricator instance.

hgweb: allow Content-Security-Policy header on 304 responses (issue5844)
ClosedPublic

Authored by indygreg on Apr 30 2018, 8:37 PM.

Details

Summary

A side-effect of 98baf8dea553 was that the Content-Security-Policy
header was set on all HTTP responses by default. This header wasn't
in our list of allowed headers for HTTP 304 responses. This would
trigger a ProgrammingError when a 304 response was issued via hgwebdir.

This commit adds Content-Security-Policy to the allow list of headers
for 304 responses so we no longer encounter the error.

Diff Detail

Repository
rHG Mercurial
Lint
Automatic diff as part of commit; lint not applicable.
Unit
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

indygreg created this revision.Apr 30 2018, 8:37 PM
krbullock accepted this revision.May 2 2018, 10:10 PM
krbullock added a subscriber: krbullock.

Queued, thanks.

This revision is now accepted and ready to land.May 2 2018, 10:10 PM
This revision was automatically updated to reflect the committed changes.