From 851030ea8f49aa6e509b4460129393577a462079 Mon Sep 17 00:00:00 2001
From: Dirk
Date: Fri, 1 Dec 2017 13:31:43 +0100
Subject: [PATCH] Fixes in headers
- double word match: Content-Security-Policy matched also X-Content-Security-Policy
- X-UA-Compatible always appeared twice
---
 testssl.sh | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/testssl.sh b/testssl.sh
index 9f28664..d9c60cc 100755
--- a/testssl.sh
+++ b/testssl.sh
@@ -1668,12 +1668,12 @@ detect_header() {
 local spaces="$3"
 local -i nr=0
- nr=$(grep -Faciw "$key:" $HEADERFILE)
+ nr=$(grep -Eaicw "^ *$key:" $HEADERFILE)
 if [[ $nr -eq 0 ]]; then
 HEADERVALUE=""
 return 0
 elif [[ $nr -eq 1 ]]; then
- HEADERVALUE=$(grep -Faiw "$key:" $HEADERFILE)
+ HEADERVALUE=$(grep -Eiaw "^ *$key:" $HEADERFILE)
 HEADERVALUE=${HEADERVALUE#*:} # remove leading part=key to colon
 HEADERVALUE="$(strip_leading_space "$HEADERVALUE")"
 return 1
@@ -2319,7 +2319,7 @@ run_cookie_flags() { # ARG1: Path
 run_more_flags() {
 local good_flags2test="X-Frame-Options X-XSS-Protection X-Content-Type-Options Content-Security-Policy X-Content-Security-Policy X-WebKit-CSP Content-Security-Policy-Report-Only Expect-CT"
- local other_flags2test="Access-Control-Allow-Origin Upgrade X-Served-By X-UA-Compatible Referrer-Policy X-UA-Compatible"
+ local other_flags2test="Access-Control-Allow-Origin Upgrade X-Served-By Referrer-Policy X-UA-Compatible"
 local f2t line
 local first=true
 local spaces=" "
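Review bot: Both new grep calls in detect_header keep `-w`, which the `^ *$key:` anchor now makes redundant and which can still hide a header. With word matching the text after the colon has to start with a non-word character, so a response that sends `Content-Security-Policy:default-src 'self'` (no space after the colon, which HTTP allows) would most likely be counted as absent, and the scan would report a security header as missing. I would drop `-w` and quote the file name: `nr=$(grep -Eaic "^ *$key:" "$HEADERFILE")`, and likewise `HEADERVALUE=$(grep -Eia "^ *$key:" "$HEADERFILE")`. The switch from `-F` to `-E` also turns `$key` into a regular expression, so a short comment that callers must pass literal header names without regex metacharacters would help; the names visible in run_more_flags contain only letters and hyphens. detect_header starts and ends outside this hunk, so the handling of `nr` greater than 1 is not visible here.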