hgweb: allow Content-Security-Policy header on 304 responses (issue5844)...
hgweb: allow Content-Security-Policy header on 304 responses (issue5844)
A side-effect of
98baf8dea553 was that the Content-Security-Policy
header was set on all HTTP responses by default. This header wasn't
in our list of allowed headers for HTTP 304 responses. This would
trigger a ProgrammingError when a 304 response was issued via hgwebdir.
This commit adds Content-Security-Policy to the allow list of headers
for 304 responses so we no longer encounter the error.
Differential Revision:
https://phab.mercurial-scm.org/D3436
