pypi
Validate our current headers against Fastly's list
Fastly has provided a list of headers and whether sites should keep them or remove them. It'd be great to go through that list, see which ones we're currently sending or not sending, and stop sending/start sending them.
Note that some of the headers they say are useless are actually important in some cases. There's a decent discussion on hacker news here.
The idea is good, but fastly's list is relatively overbroad, and if pypi is using a CDN, removing some of the "unneeded" headers might actually break things.
HI guys, i do not know if this is the best "issue" to ask about something, but i wanted to know if you are planing to allow cross origin.... I'm trying to build a Opensource program that would help me to find packages across many package systems... like NPM, Python, Lua and so on... but i began writting it in Angular and I Run into CORS issues.
Done @Cheukting :) I've assigned to myself, as I can't assign to you, but consider it reserved :)
After investigation here is the ones that we have and is mentioned in list of headers:
server (set by web server) x-cache (set by CDN) x-cache-hits (set by CDN) x-served-by (set by CDN) x-frame-option (set by web server)
Thanks for investigating @Cheukting ! @ewdurbin after some investigation, it looks like these settings need to be adjusted on our servers and CDN, so I have reassigned to you :)