From: SourceForge.net <no...@so...> - 2013-06-09 10:08:41
|
Bugs item #3614431, was opened at 2013-06-09 03:08 Message generated for change (Tracker Item Submitted) made by jakwings You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=111118&aid=3614431&group_id=11118 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: funct: header manipulation Group: version 3.0.21 Status: Open Resolution: None Priority: 5 Private: No Submitted By: Jak Wings (jakwings) Assigned to: Nobody/Anonymous (nobody) Summary: multiple server-header-filter wrong matching position Initial Comment: Privoxy Version: 3.0.21 OS: Linux Just see the example below. ------ filter -------- SERVER-HEADER-FILTER: sf-no-frames Block Frames s@(?:\r\n)?X-FRAME-OPTIONS:.*?$@@gsi s@^HTTP.*$@$0\r\nX-FRAME-OPTIONS: SAMEORIGIN@ SERVER-HEADER-FILTER: sf-csp CSP s@(?:\r\n)?Content-Security-Policy:.*?$@@gsi #1 #s@^HTTP.*$@$0\r\nContent-Security-Policy: default-src 'none'; script-src 'self'@ #2 s@^Date.*$@$0\r\nContent-Security-Policy: default-src 'none'; script-src 'self'@ ------ action -------- { +server-header-filter{sf-no-frames} \ +server-header-filter{sf-csp-weibo-sina} } ------ server headers ------ HTTP/1.1 200 OK Server: nginx Date: Sun, 09 Jun 2013 10:03:08 GMT ------ result with #1 ------- HTTP/1.1 200 OK X-FRAME-OPTIONS: SAMEORIGIN Server: nginx Date: Sun, 09 Jun 2013 10:03:08 GMT ------ result with #2 ------- HTTP/1.1 200 OK X-FRAME-OPTIONS: SAMEORIGIN Server: nginx Date: Sun, 09 Jun 2013 10:03:08 GMT Content-Security-Policy: default-src 'none'; script-src 'self' ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=111118&aid=3614431&group_id=11118 |