X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=modules%2Fapache2%2Ffiles%2Fheaders;h=89e693324366aa7bc248464729fd9c7058ecaec2;hb=778db5721899bfcab35141f8376989a2ae08f320;hp=3e7167ac00713712579992fa160185ea9ef81071;hpb=5a2ed7896d6318124afa6b70bbbbf2f6c3c8e383;p=mirror%2Fdsa-puppet.git

diff --git a/modules/apache2/files/headers b/modules/apache2/files/headers
index 3e7167ac0..89e693324 100644
--- a/modules/apache2/files/headers
+++ b/modules/apache2/files/headers
@@ -1,9 +1,9 @@
 <IfModule mod_headers.c>
   Header set X-Clacks-Overhead "GNU Terry Pratchett"
 
-  Header always set X-Content-Type-Options "nosniff"
-  Header always set X-Frame-Options "sameorigin"
-  Header always set Referrer-Policy "no-referrer"
-  # Header always set X-Xss-Protection "1; mode=block"
-  Header always set X-Xss-Protection "1"
+  Header always set X-Content-Type-Options "nosniff" "expr=-z %{resp:X-Content-Type-Options}"
+  Header always set X-Frame-Options "sameorigin" "expr=-z %{resp:X-Frame-Options}"
+  Header always set Referrer-Policy "no-referrer" "expr=-z %{resp:Referrer-Policy}"
+  # Header always set X-Xss-Protection "1; mode=block" "expr=-z %{resp:X-Xss-Protection}"
+  Header always set X-Xss-Protection "1" "expr=-z %{resp:X-Xss-Protection}"
 </IfModule>