Use setifempty to please incompatible httpd versions

Some httpd versions have problem with the old logic leading to resourced served with multiple headers.
This commit is contained in:
Lukas Reschke 2015-12-15 16:37:10 +01:00 committed by Morris Jobke
parent a0345b9465
commit 1ae30d1d9c
1 changed files with 6 additions and 3 deletions

View File

@ -14,9 +14,12 @@
Header set X-Frame-Options "SAMEORIGIN" Header set X-Frame-Options "SAMEORIGIN"
SetEnv modHeadersAvailable true SetEnv modHeadersAvailable true
# Add CSP header if not set, used for static resources <IfModule mod_version.c>
Header append Content-Security-Policy "" <IfVersion >= 2.4.7>
Header edit Content-Security-Policy "^$" "default-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self'" # Add CSP header if not set, used for static resources
Header setifempty Content-Security-Policy "default-src 'none'; style-src 'self' 'unsafe-inline'; script-src 'self'"
</IfVersion>
</IfModule>
</IfModule> </IfModule>
# Add cache control for CSS and JS files # Add cache control for CSS and JS files