On our Gatsby website, we generate a valid _headers file using gatsby-plugin-netlify and everything is fine.
All headers rules are generated and processed.
But I am noticing that something might be cached on netlify side, since the X-Frame-Options that we have just introduced, is not being updated on our main domain, but when deploying (same repo, same code) on a new context/branch I can see the updated X-Frame-Options header
Here is my generated _header file, that is properly processed and validated
Created with gatsby-plugin-netlify
/* X-Frame-Options: ALLOW-FROM https://example.com/ X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Referrer-Policy: same-origin Cache-Control: public, max-age=0, must-revalidate
curl -I mydomain.com
x-xss-protection: 1; mode=block
Does anyone know if headers are cached and - if so - how to purge it?