Content-Security-Policy header gets lowercased
Francis Daly
francis at daoine.org
Thu Oct 8 07:28:01 UTC 2015
On Wed, Oct 07, 2015 at 12:19:56PM +0200, Joó Ádám wrote:
Hi there,
> I noticed that when adding a `Content-Security-Policy` header to the
> response, the header name gets lowercased. Neither
> `Content-Security-Polic` or `Content-Security-Policyy`, or any other
> header I came across gets lowercased. Is this a bug?
Works for me:
===
server {
add_header Content-Security-Policy "nginx $request_uri";
listen 8195;
}
===
$ curl -sI http://localhost:8195/300.txt | grep nginx
Server: nginx/1.9.5
Content-Security-Policy: nginx /300.txt
How can I reproduce the problem that you see?
f
--
Francis Daly francis at daoine.org
More information about the nginx
mailing list