HTTP Header X-XSS-Protection does not match 

**Describe the bug**
The HTTP header `X-XSS-Protection` which present does not match, and we have to either match the string `X-Xss-Protection` or use case-insensitive regex pattern like `"/(?i:X-XSS-Protection: 1;mode=block)/"`

**How To Reproduce**
Apache conf:
```
  Header set X-XSS-Protection 1;mode=block
```
HTTP headers:
```
# curl -I localhost/index
HTTP/1.1 200 OK
Date: Fri, 13 May 2022 10:48:01 GMT
Server: Apache/2.4.41 (Ubuntu)
X-Powered-By: PHP/7.4.29
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self'
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: Origin
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1;mode=block
Content-Type: application/json
```
Test rule:
```
http:
  http://localhost:{{ .Vars.http_port }}/index:
    status: 200
    timeout: 2000
    #method: GET
    headers:
    - "X-XSS-Protection: 1;mode=block"
```
**Expected Behavior**
Test passed.

**Actual Behavior**
```
.F..

Failures/Skipped:

HTTP: http://localhost:80/index: Headers: patterns not found: [X-XSS-Protection: 1;mode=block]

Total Duration: 0.044s
Count: 4, Failed: 1, Skipped: 0
```
**Environment:**
 - goss v0.3.16
 - Ubuntu 20

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

HTTP Header X-XSS-Protection does not match #760

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

HTTP Header X-XSS-Protection does not match #760

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions