Open johnpryan opened 9 months ago
What about adding support for Content Security Policy headers as well? This type of header deviates a bit from the standard header=value
syntax.
If we want to keep the flag approach, the regex could be changed as follows:
final _header_key = r'[\w-]+';
final _header_value = r'[\w-]+';
final _csp_header_value = r"(?:[\w-]+(?: [A-Za-z0-9-._~:/?#\[\]@!$&'()*+,%=]+)+(?:; )?)+";
final _delimiter = r';|$';
final _regex= RegExp('(${_header_key})=(${_header_value}|${_csp_header_value})(${_delimiter})');
However, this expression still fails to capture some types of headers (like the Reporting-Endpoints
header), which are not straightforward to implement. Therefore, perhaps it would be a good idea to revisit the option of passing headers with a (JSON) file. What do you think @johnpryan?
Here you can find some regex examples with the proposed expression: https://regex101.com/r/8dE5UW/3
@Alejandro-FA I think a JSON file makes more sense overall - maybe that's a better long-term solution than making patches to the regex.
Follow up for https://github.com/kevmoo/dhttpd/pull/61 to allow more characters in the header value