Describe the issue
The list of HTTP headers that we parse (for checking against non-standard and deprecation) is currently hardcoded. Ideally this should be read from a config file. A next step would be to create a scraper that takes this data from the Mozilla website to then feed it into KAT. That would introduce some other issues/questions wrg Mozilla making changes to their website and having to update our boefje every time.
Collection of HTTP response security headers to add. could be ingested as part of an example config, but is opinionated when it comes to suggested values.
Describe the issue The list of HTTP headers that we parse (for checking against non-standard and deprecation) is currently hardcoded. Ideally this should be read from a config file. A next step would be to create a scraper that takes this data from the Mozilla website to then feed it into KAT. That would introduce some other issues/questions wrg Mozilla making changes to their website and having to update our boefje every time.
Related tickets are:
2731
3188