Patchwork D3436: hgweb: allow Content-Security-Policy header on 304 responses (issue5844)

login
register
mail settings
Submitter phabricator
Date May 3, 2018, 2:25 a.m.
Message ID <fa6b37e315bf5ce50a6b9a253b306622@localhost.localdomain>
Download mbox | patch
Permalink /patch/31258/
State Not Applicable
Headers show

Comments

phabricator - May 3, 2018, 2:25 a.m.
This revision was automatically updated to reflect the committed changes.
Closed by commit rHG3e3acf5d6a07: hgweb: allow Content-Security-Policy header on 304 responses (issue5844) (authored by indygreg, committed by ).

REPOSITORY
  rHG Mercurial

CHANGES SINCE LAST UPDATE
  https://phab.mercurial-scm.org/D3436?vs=8444&id=8448

REVISION DETAIL
  https://phab.mercurial-scm.org/D3436

AFFECTED FILES
  mercurial/hgweb/request.py
  tests/test-hgweb-csp.t

CHANGE DETAILS




To: indygreg, #hg-reviewers, krbullock
Cc: krbullock, mercurial-devel

Patch

diff --git a/tests/test-hgweb-csp.t b/tests/test-hgweb-csp.t
--- a/tests/test-hgweb-csp.t
+++ b/tests/test-hgweb-csp.t
@@ -57,8 +57,8 @@ 
   $ get-with-headers.py --twice --headeronly localhost:$HGPORT repo1/static/style.css content-security-policy
   200 Script output follows
   content-security-policy: script-src https://example.com/ 'unsafe-inline'
-  500 Internal Server Error
-  [1]
+  304 Not Modified
+  content-security-policy: script-src https://example.com/ 'unsafe-inline'
 
 repo page should send CSP by default, include etag w/o nonce
 
diff --git a/mercurial/hgweb/request.py b/mercurial/hgweb/request.py
--- a/mercurial/hgweb/request.py
+++ b/mercurial/hgweb/request.py
@@ -473,6 +473,7 @@ 
                           if k.lower() not in ('date', 'etag', 'expires',
                                                'cache-control',
                                                'content-location',
+                                               'content-security-policy',
                                                'vary')}
             if badheaders:
                 raise error.ProgrammingError(