Skip to content

Feature/header behaviour#378

Merged
GeekInTheNorth merged 5 commits into
developfrom
feature/header_behaviour
Jun 2, 2026
Merged

Feature/header behaviour#378
GeekInTheNorth merged 5 commits into
developfrom
feature/header_behaviour

Conversation

@GeekInTheNorth

Copy link
Copy Markdown
Owner

No description provided.

@GeekInTheNorth GeekInTheNorth self-assigned this Jun 2, 2026
@GeekInTheNorth GeekInTheNorth changed the base branch from main to develop June 2, 2026 21:52
@GeekInTheNorth GeekInTheNorth requested a review from Copilot June 2, 2026 21:53

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds support for “replacement” semantics when applying security headers, allowing configured headers to overwrite existing response header values instead of always appending. This refactor centralizes header application logic in the middleware and propagates the new behavior through header compilation.

Changes:

  • Refactors SecurityHeaderMiddleware to route header application through dedicated append/replace/remove handlers.
  • Introduces HeaderDto.IsReplacement and ensures it’s preserved when headers are cloned per-request.
  • Marks custom headers with CustomHeaderBehavior.Add as replacement headers when compiled for middleware application.

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 2 comments.

File Description
src/Stott.Security.Optimizely/Features/Middleware/SecurityHeaderMiddleware.cs Refactors header application and adds explicit append/replace/remove handlers.
src/Stott.Security.Optimizely/Features/Header/HeaderDto.cs Adds IsReplacement flag to support replace semantics.
src/Stott.Security.Optimizely/Features/Header/HeaderCompilationService.cs Preserves IsReplacement when cloning headers for per-request mutation safety.
src/Stott.Security.Optimizely/Features/CustomHeaders/Service/CustomHeaderService.cs Sets IsReplacement for “Add” custom headers so they overwrite existing values.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread src/Stott.Security.Optimizely/Features/Header/HeaderDto.cs
GeekInTheNorth and others added 4 commits June 2, 2026 22:56
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
@GeekInTheNorth GeekInTheNorth merged commit c562a5f into develop Jun 2, 2026
2 checks passed
@GeekInTheNorth GeekInTheNorth deleted the feature/header_behaviour branch June 2, 2026 22:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Response Headers when Adding should replace a header if it exists already

2 participants