Looking at the spec, it seems it is allowed to send Content-Length to 304, in a way that it sends the exact same value for the original 200 response. I would say this is extremely rare with a PSGI application, but seems invasive for a framework to restrict that.
A server MAY send a Content-Length header field in a 304 (Not
Modified) response to a conditional GET request (Section 4.1 of
[RFC7232]); a server MUST NOT send Content-Length in such a response
unless its field-value equals the decimal number of octets that would
have been sent in the payload body of a 200 (OK) response to the same
request.
A server MUST NOT send a Content-Length header field in any response
with a status code of 1xx (Informational) or 204 (No Content). A
server MUST NOT send a Content-Length header field in any 2xx
(Successful) response to a CONNECT request (Section 4.3.6 of
[RFC7231]).
Looking at the spec, it seems it is allowed to send Content-Length to 304, in a way that it sends the exact same value for the original 200 response. I would say this is extremely rare with a PSGI application, but seems invasive for a framework to restrict that.
https://tools.ietf.org/html/rfc7230#section-3.3.2