For the new http header option, the doc says:
for = "/**.html"
Content-Security-Policy = "script-src localhost:1313"
But those headers are not delivered to html page if section is accessed via
section/ instead of
Wich seems legit with the
"/**.html" option, but not with real usage.
It works with option
"/**" but those headers are also sent with all files.
"**/" seems to work as expected.
Any tip/light about what is the expected behaviour for this ??
Thanks for this post. I couldn’t figure out why the headers weren’t applied with the
for = "/**.html" path.
It might be an unindented development feature. I don’t suppose it should work like this.
Because if you access
hugo server responds with
301 - Moved Permanently, and redirects to
So even though the headers are properly added to
*/index.html, they aren’t useful because there’s an immediate redirect.
The Netlify docs, from which the Hugo feature took its idea, mention that
for is “the path or URL where the headers will be added”. But I don’t see examples for how to handle URLs with
Perhaps Netlify users can shed some light on this.