#######################################################################
# File Source: https://cirt.net
# (c) 2001 Chris Sullo, All Rights Reserved.
# This file may only be distributed and used with the full Nikto package.
# This file may not be used with any software product without written permission from
# Chris Sullo (csullo@gmail.com)
#
# Note:
# By submitting updates to this file you are transferring any and all copyright
# interest in the data to Chris Sullo so it can modified, incorporated into this product
# relicensed or reused.
#######################################################################
# Notes:
# - Use lowercase only
# - Keep list alphabetically (for readability)
#######################################################################
"header"
"accept"
"accept-charset"
"accept-encoding"
"accept-language"
"accept-ranges"
"access-control-allow-credentials"
"access-control-allow-headers"
"access-control-allow-methods"
"access-control-allow-origin"
"access-control-expose-headers"
"access-control-max-age"
"age"
"allow"
"alternates"
"alt-svc"
"authorization"
"bfcache-opt-in"
"cache-control"
"cf-cache-status"
"cf-ray"
"cf-request-id"
"commerce-server-software"
"connection"
"content-encoding"
"content-language"
"content-length"
"content-location"
"content-md5"
"content-range"
"content-security-policy"
"content-security-policy-report-only"
"content-type"
"cross-origin-opener-policy"
"cross-origin-resource-policy"
"dasl"
"date"
"dav"
"etag"
"expect"
"expect-ct"
"expires"
"feature-policy"
"from"
"host"
"if-match"
"if-modified-since"
"if-none-match"
"if-range"
"if-unmodified-since"
"keep-alive"
"last-modified"
"link"
"location"
"max-forwards"
"mime-version"
"nel"
"nncoection"
"p3p"
"persistent-auth"
"permissions-policy"
"pragma"
"proxy-authenticate"
"proxy-authorization"
"proxy-connection"
"public"
"range"
"referer"
"referrer-policy"
"report-to"
"retry-after"
"server"
"set-cookie"
"status"
"strict-transport-security"
"te"
"timing-allow-origin"
"trailer"
"transfer-encoding"
"upgrade"
"user-agent"
"vary"
"via"
"warning"
"whisker"
"www-authenticate"
"x-aspnetmvc-version"
"x-aspnet-version"
"x-cache-hits"
"x-clacks-overhead"
"x-cnection"
"x-content-security-policy"
"x-content-type-options"
"x-download-options"
"x-drupal-cache"
"x-frame-options"
"x-generator"
"x-id"
"x-nf-request-id"
"xmlns"
"x-amz-cf-id"
"x-amz-cf-pop"
"x-amz-version-id"
"x-cache"
"x-cdn"
"x-dns-prefetch-control"
"x-mod-pagespeed"
"x-pad"
"x-page-speed"
"x-permitted-cross-domain-policies"
"x-pingback"
"x-powered-by"
"x-robots-tag"
"x-timer"
"x-ua-compatible"
"x-varnish"
"x-webkit-csp"
"x-xss-protection"
