-
Notifications
You must be signed in to change notification settings - Fork 11
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CSP header not sent when cache hit #6
Comments
Hi @MrTschi. If Magento sent this header, We are storing the headers. Please make var_dump() her content["header”] or something like that and check the headers stored by Magento. |
check this:
https://github.com/Genaker/FastFPC/blob/main/Mage/FPC/FPC.php#L131-L135
you probably have some specific issue.
…On Thu, Aug 24, 2023 at 1:24 PM MrTschi ***@***.***> wrote:
For cache-HITs, the Content-Security-Policy header is not returned to the
viewer.
—
Reply to this email directly, view it on GitHub
<#6>, or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ACGJNZTQITCJPPOZMZOQWC3XW62AVANCNFSM6AAAAAA35RTLVU>
.
You are receiving this because you are subscribed to this thread.Message
ID: ***@***.***>
|
Yes, but it seems like the CSP Header is not saved in redis. You could say its a magento bug, but with varnish it would work. |
You need to fix this bug ;) I know how to fix.
But you can hard code all you headers.
Before echo $content :
Or you can set them in the Nginx. Etc.
…On Sat, Aug 26, 2023 at 2:00 AM MrTschi ***@***.***> wrote:
Yes, but it seems like the CSP Header is not saved in redis.
I investigated a bit and it seems like redis-FPC is saved before CSP
Headers are set.
You could say its a magento bug, but with varnish it would work.
any idea how to fix this?
—
Reply to this email directly, view it on GitHub
<#6 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/ACGJNZT3QSDLMIMOEQ5SVQLXXG3JRANCNFSM6AAAAAA35RTLVU>
.
You are receiving this because you commented.Message ID:
***@***.***>
|
|
For cache-HITs, the Content-Security-Policy header is not returned to the viewer.
The text was updated successfully, but these errors were encountered: