Update regular expression for header flag

[johnpryan]

Follow up for https://github.com/kevmoo/dhttpd/pull/61 to allow more characters in the header value

[Alejandro-FA]

What about adding support for Content Security Policy headers as well? This type of header deviates a bit from the standard header=value syntax.

If we want to keep the flag approach, the regex could be changed as follows:

final _header_key = r'[\w-]+';
final _header_value = r'[\w-]+';
final _csp_header_value = r"(?:[\w-]+(?: [A-Za-z0-9-._~:/?#\[\]@!$&'()*+,%=]+)+(?:; )?)+";
final _delimiter = r';|$';
final _regex= RegExp('(${_header_key})=(${_header_value}|${_csp_header_value})(${_delimiter})');

However, this expression still fails to capture some types of headers (like the Reporting-Endpoints header), which are not straightforward to implement. Therefore, perhaps it would be a good idea to revisit the option of passing headers with a (JSON) file. What do you think @johnpryan?

Here you can find some regex examples with the proposed expression: https://regex101.com/r/8dE5UW/3

[johnpryan]

@Alejandro-FA I think a JSON file makes more sense overall - maybe that's a better long-term solution than making patches to the regex.