I am setting a Content-Security-Policy header in my .htaccess file, and it has grown to be an extremely long single line, which is a bother to manage. Is there some way to break up this line into more manageable substrings?
As a trivial example, say I am setting a header like
Header set Content-Security-Policy "deafult-src http://domainA.com; script-src http://domainB.com"
I can (without obvious breaking problems) accomplish my specific case with something like
Header append Content-Security-Policy "default-src http://domainA.com;"
Header append Content-Security-Policy "script-src http://domainB.com"
but that will insert commas into the string, so I was still curious if there was a better answer that could be applied generally, without adding the additional chars to the response.
What would be ideal is if there were some concatenation character that I could use to break the string into smaller parts, like
Header set Content-Security-Policy "default-src http://domainA.com;"
\" script-src http://domainB.com"
or
Header set Content-Security-Policy "default-src http://domainA.com;"^
" script-src http://domainB.com"
or
Header set Content-Security-Policy "default-src http://domainA.com;"
+" script-src http://domainB.com"
Alternatively, if I could set some sort of variable and just dump their contents to do something like
a="default-src http://domainA.com;"
b=" script-src http://domainB.com"
Header set Content-Security-Policy $a$b
that would also be much more managable.
There was a similar topic that came up for nginx and the conclusion was just to live with the long lines (they were dealing with a long regex, so the append solution wouldn't have worked); Is that going to be the case for Apache as well?
