modHeadersAvailable override needed for systems using mod_suexec

[s09bQ5]

Steps to reproduce

1. Run nextcloud on an Apache with mod_suexec, mod_env, and mod_headers

Expected behaviour

Headers like X-XSS-Protection are emitted only once and the admin panel does not show a security warning.

Actual behaviour

Headers like X-XSS-Protection are emitted twice and the admin panel shows a security warning.

Server configuration

mod_suexec
mod_env
mod_headers

Web server:
Apache

Nextcloud version: (see Nextcloud admin page)
13.0.6

mod_suexec drops modHeadersAvailable

mod_suexec drops most environment variables, so Nextcloud does not see the modHeadersAvailable variable set by .htaccess and therefore tries to emit the headers again using the header() PHP function. The JavaScript check for these headers then fails because of the unexpected duplicates.

Since I am on a shared hosting, I can't disable mod_suexec. So what I would like to have is a configuration option to override the modHeadersAvailable check.

[nextcloud-bot]

GitMate.io thinks possibly related issues are #2231 (Need to be renamed...), #9005 (c), #5700 (Because Ubuntu using UUID in fstab, update needed to Webdav Tutorial), #76 (Setup translation system), and #3634 (quota validation needs to be improved).

[MorrisJobke]

Duplicate of #8207