dhttpd icon indicating copy to clipboard operation
dhttpd copied to clipboard
verified publisher icon kevmoo

Update regular expression for header flag

Open johnpryan opened this issue 2 years ago • 1 comments

Follow up for https://github.com/kevmoo/dhttpd/pull/61 to allow more characters in the header value

johnpryan avatar Jan 03 '24 21:01 johnpryan

What about adding support for Content Security Policy headers as well? This type of header deviates a bit from the standard header=value syntax.

If we want to keep the flag approach, the regex could be changed as follows:

final _header_key = r'[\w-]+';
final _header_value = r'[\w-]+';
final _csp_header_value = r"(?:[\w-]+(?: [A-Za-z0-9-._~:/?#\[\]@!$&'()*+,%=]+)+(?:; )?)+";
final _delimiter = r';|$';
final _regex= RegExp('(${_header_key})=(${_header_value}|${_csp_header_value})(${_delimiter})');

However, this expression still fails to capture some types of headers (like the Reporting-Endpoints header), which are not straightforward to implement. Therefore, perhaps it would be a good idea to revisit the option of passing headers with a (JSON) file. What do you think @johnpryan?

Here you can find some regex examples with the proposed expression: https://regex101.com/r/8dE5UW/3

Alejandro-FA avatar Sep 20 '24 12:09 Alejandro-FA

@Alejandro-FA I think a JSON file makes more sense overall - maybe that's a better long-term solution than making patches to the regex.

johnpryan avatar Sep 25 '24 18:09 johnpryan