{"id":45427,"date":"2016-05-10T04:51:59","date_gmt":"2016-05-10T04:51:59","guid":{"rendered":"https:\/\/wordpress.org\/plugins-wp\/http-headers\/"},"modified":"2024-12-22T11:49:59","modified_gmt":"2024-12-22T11:49:59","slug":"http-headers","status":"publish","type":"plugin","link":"https:\/\/twd.wordpress.org\/plugins\/http-headers\/","author":14954940,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_crdt_document":"","version":"1.19.2","stable_tag":"1.19.2","tested":"6.7.5","requires":"3.2","requires_php":"5.3","requires_plugins":null,"header_name":"HTTP Headers","header_author":"Dimitar Ivanov","header_description":"","assets_banners_color":"235d98","last_updated":"2024-12-22 11:49:59","external_support_url":"","external_repository_url":"","donate_link":"https:\/\/paypal.me\/Dimitar81","header_plugin_uri":"https:\/\/github.com\/riverside\/http-headers","header_author_uri":"https:\/\/github.com\/riverside","rating":4.3,"author_block_rating":0,"active_installs":50000,"downloads":718339,"num_ratings":70,"support_threads":2,"support_threads_resolved":0,"author_block_count":0,"sections":["description","installation","faq","changelog"],"tags":{"1.0.0":{"tag":"1.0.0","author":"zinoui","date":"2016-05-10 05:11:24"},"1.1.0":{"tag":"1.1.0","author":"zinoui","date":"2016-10-22 09:23:37"},"1.1.1":{"tag":"1.1.1","author":"zinoui","date":"2016-12-09 06:04:15"},"1.1.2":{"tag":"1.1.2","author":"zinoui","date":"2017-02-13 19:20:41"},"1.10.0":{"tag":"1.10.0","author":"zinoui","date":"2018-07-17 04:50:26"},"1.10.1":{"tag":"1.10.1","author":"zinoui","date":"2018-07-18 04:36:39"},"1.10.2":{"tag":"1.10.2","author":"zinoui","date":"2018-07-31 17:35:17"},"1.10.3":{"tag":"1.10.3","author":"zinoui","date":"2018-08-08 04:24:19"},"1.10.4":{"tag":"1.10.4","author":"zinoui","date":"2018-09-30 19:06:50"},"1.10.5":{"tag":"1.10.5","author":"zinoui","date":"2018-12-08 05:04:29"},"1.11.0":{"tag":"1.11.0","author":"zinoui","date":"2019-01-05 08:08:31"},"1.12.0":{"tag":"1.12.0","author":"zinoui","date":"2019-01-05 09:17:15"},"1.12.1":{"tag":"1.12.1","author":"zinoui","date":"2019-01-10 17:41:36"},"1.12.2":{"tag":"1.12.2","author":"zinoui","date":"2019-05-16 17:25:11"},"1.13.0":{"tag":"1.13.0","author":"zinoui","date":"2019-06-07 18:09:04"},"1.13.1":{"tag":"1.13.1","author":"zinoui","date":"2019-06-08 05:16:04"},"1.13.2":{"tag":"1.13.2","author":"zinoui","date":"2019-06-13 17:40:37"},"1.13.3":{"tag":"1.13.3","author":"zinoui","date":"2019-06-16 06:01:38"},"1.13.4":{"tag":"1.13.4","author":"zinoui","date":"2019-07-14 06:33:44"},"1.14.0":{"tag":"1.14.0","author":"zinoui","date":"2019-09-01 16:11:42"},"1.14.1":{"tag":"1.14.1","author":"zinoui","date":"2019-09-15 18:29:09"},"1.14.2":{"tag":"1.14.2","author":"zinoui","date":"2019-11-25 19:21:04"},"1.15.0":{"tag":"1.15.0","author":"zinoui","date":"2020-01-26 10:32:25"},"1.15.1":{"tag":"1.15.1","author":"zinoui","date":"2020-05-09 05:38:38"},"1.15.2":{"tag":"1.15.2","author":"zinoui","date":"2020-07-12 07:11:26"},"1.16.0":{"tag":"1.16.0","author":"zinoui","date":"2020-07-23 18:35:56"},"1.16.1":{"tag":"1.16.1","author":"zinoui","date":"2020-07-23 19:26:34"},"1.17.0":{"tag":"1.17.0","author":"zinoui","date":"2020-07-26 09:30:16"},"1.18.0":{"tag":"1.18.0","author":"zinoui","date":"2020-09-20 15:26:22"},"1.18.1":{"tag":"1.18.1","author":"zinoui","date":"2020-10-29 06:03:36"},"1.18.10":{"tag":"1.18.10","author":"zinoui","date":"2023-05-28 08:29:05"},"1.18.11":{"tag":"1.18.11","author":"zinoui","date":"2023-06-11 15:41:20"},"1.18.2":{"tag":"1.18.2","author":"zinoui","date":"2021-04-24 07:07:28"},"1.18.3":{"tag":"1.18.3","author":"zinoui","date":"2021-04-30 08:22:26"},"1.18.4":{"tag":"1.18.4","author":"zinoui","date":"2021-04-30 08:50:20"},"1.18.6":{"tag":"1.18.6","author":"zinoui","date":"2023-01-22 11:47:38"},"1.18.7":{"tag":"1.18.7","author":"zinoui","date":"2023-01-24 06:50:55"},"1.18.8":{"tag":"1.18.8","author":"zinoui","date":"2023-04-17 14:15:39"},"1.18.9":{"tag":"1.18.9","author":"zinoui","date":"2023-04-23 08:29:27"},"1.19.0":{"tag":"1.19.0","author":"zinoui","date":"2023-07-07 18:58:37"},"1.19.1":{"tag":"1.19.1","author":"zinoui","date":"2024-08-08 17:57:51"},"1.19.2":{"tag":"1.19.2","author":"zinoui","date":"2024-12-22 11:49:59"},"1.2.0":{"tag":"1.2.0","author":"zinoui","date":"2017-04-28 20:58:43"},"1.3.0":{"tag":"1.3.0","author":"zinoui","date":"2017-06-22 17:45:53"},"1.4.0":{"tag":"1.4.0","author":"zinoui","date":"2017-07-04 21:18:16"},"1.5.0":{"tag":"1.5.0","author":"zinoui","date":"2017-08-01 04:27:56"},"1.6.0":{"tag":"1.6.0","author":"zinoui","date":"2017-08-05 05:36:34"},"1.7.0":{"tag":"1.7.0","author":"zinoui","date":"2017-08-15 17:44:44"},"1.7.1":{"tag":"1.7.1","author":"zinoui","date":"2017-08-18 16:47:58"},"1.8.0":{"tag":"1.8.0","author":"zinoui","date":"2017-11-17 05:52:45"},"1.9.0":{"tag":"1.9.0","author":"zinoui","date":"2017-12-25 08:25:48"},"1.9.1":{"tag":"1.9.1","author":"zinoui","date":"2017-12-27 10:03:40"},"1.9.2":{"tag":"1.9.2","author":"zinoui","date":"2018-01-04 21:33:52"},"1.9.3":{"tag":"1.9.3","author":"zinoui","date":"2018-01-10 06:28:57"},"1.9.4":{"tag":"1.9.4","author":"zinoui","date":"2018-01-13 13:33:55"},"1.9.5":{"tag":"1.9.5","author":"zinoui","date":"2018-07-12 12:06:30"}},"upgrade_notice":{"":"<p>Updates are on they way, so stay tuned at <a href=\"https:\/\/twitter.com\/DimitarIvanov\">@DimitarIvanov<\/a><\/p>"},"ratings":{"1":5,"2":5,"3":4,"4":5,"5":51},"assets_icons":{"icon-128x128.png":{"filename":"icon-128x128.png","revision":1413576,"resolution":"128x128","location":"assets","locale":""}},"assets_banners":{"banner-772x250.jpg":{"filename":"banner-772x250.jpg","revision":1413577,"resolution":"772x250","location":"assets","locale":""}},"assets_blueprints":{},"all_blocks":[],"tagged_versions":["1.0.0","1.1.0","1.1.1","1.1.2","1.10.0","1.10.1","1.10.2","1.10.3","1.10.4","1.10.5","1.11.0","1.12.0","1.12.1","1.12.2","1.13.0","1.13.1","1.13.2","1.13.3","1.13.4","1.14.0","1.14.1","1.14.2","1.15.0","1.15.1","1.15.2","1.16.0","1.16.1","1.17.0","1.18.0","1.18.1","1.18.10","1.18.11","1.18.2","1.18.3","1.18.4","1.18.6","1.18.7","1.18.8","1.18.9","1.19.0","1.19.1","1.19.2","1.2.0","1.3.0","1.4.0","1.5.0","1.6.0","1.7.0","1.7.1","1.8.0","1.9.0","1.9.1","1.9.2","1.9.3","1.9.4","1.9.5"],"block_files":[],"assets_screenshots":{"screenshot-1.jpg":{"filename":"screenshot-1.jpg","revision":1712410,"resolution":"1","location":"assets","locale":""},"screenshot-2.jpg":{"filename":"screenshot-2.jpg","revision":1712410,"resolution":"2","location":"assets","locale":""},"screenshot-3.jpg":{"filename":"screenshot-3.jpg","revision":1712410,"resolution":"3","location":"assets","locale":""},"screenshot-4.jpg":{"filename":"screenshot-4.jpg","revision":1712410,"resolution":"4","location":"assets","locale":""}},"screenshots":{"1":"This screenshot shows up the dashboard with categories of the supported headers.","2":"This screenshot shows up the headers of a chosen category and their current values.","3":"This screenshot shows up the settings page where you can adjust the security headers.","4":"This screenshot shows up the response headers returned by the web server."},"jetpack_post_was_ever_published":false},"plugin_section":[],"plugin_tags":[230473,230474,3243,32637,153786],"plugin_category":[54],"plugin_contributors":[86351],"plugin_business_model":[],"class_list":["post-45427","plugin","type-plugin","status-publish","hentry","plugin_tags-cors-headers","plugin_tags-csp-header","plugin_tags-custom-headers","plugin_tags-http-headers","plugin_tags-security-headers","plugin_category-security-and-spam-protection","plugin_contributors-zinoui","plugin_committers-zinoui"],"banners":{"banner":"https:\/\/ps.w.org\/http-headers\/assets\/banner-772x250.jpg?rev=1413577","banner_2x":false,"banner_rtl":false,"banner_2x_rtl":false},"icons":{"svg":false,"icon":"https:\/\/ps.w.org\/http-headers\/assets\/icon-128x128.png?rev=1413576","icon_2x":false,"generated":false},"screenshots":[{"src":"https:\/\/ps.w.org\/http-headers\/assets\/screenshot-1.jpg?rev=1712410","caption":"This screenshot shows up the dashboard with categories of the supported headers."},{"src":"https:\/\/ps.w.org\/http-headers\/assets\/screenshot-2.jpg?rev=1712410","caption":"This screenshot shows up the headers of a chosen category and their current values."},{"src":"https:\/\/ps.w.org\/http-headers\/assets\/screenshot-3.jpg?rev=1712410","caption":"This screenshot shows up the settings page where you can adjust the security headers."},{"src":"https:\/\/ps.w.org\/http-headers\/assets\/screenshot-4.jpg?rev=1712410","caption":"This screenshot shows up the response headers returned by the web server."}],"raw_content":"<!--section=description-->\n<p>HTTP Headers gives your control over the http headers returned by your blog or website.<\/p>\n\n<p>Headers supported by HTTP Headers includes:<\/p>\n\n<ul>\n<li>Access-Control-Allow-Origin<\/li>\n<li>Access-Control-Allow-Credentials<\/li>\n<li>Access-Control-Max-Age<\/li>\n<li>Access-Control-Allow-Methods<\/li>\n<li>Access-Control-Allow-Headers<\/li>\n<li>Access-Control-Expose-Headers<\/li>\n<li>Age <\/li>\n<li>Content-Security-Policy<\/li>\n<li>Content-Security-Policy-Report-Only<\/li>\n<li>Cache-Control<\/li>\n<li>Clear-Site-Data<\/li>\n<li>Connection<\/li>\n<li>Content-Encoding<\/li>\n<li>Content-Type<\/li>\n<li>Cross-Origin-Embedder-Policy<\/li>\n<li>Cross-Origin-Opener-Policy<\/li>\n<li>Cross-Origin-Resource-Policy<\/li>\n<li>Expect-CT<\/li>\n<li>Expires<\/li>\n<li>Feature-Policy<\/li>\n<li>NEL<\/li>\n<li>Permissions-Policy<\/li>\n<li>Pragma<\/li>\n<li>P3P<\/li>\n<li>Referrer-Policy<\/li>\n<li>Report-To<\/li>\n<li>Strict-Transport-Security<\/li>\n<li>Timing-Allow-Origin<\/li>\n<li>Vary<\/li>\n<li>WWW-Authenticate<\/li>\n<li>X-Content-Type-Options<\/li>\n<li>X-DNS-Prefetch-Control<\/li>\n<li>X-Download-Options<\/li>\n<li>X-Frame-Options<\/li>\n<li>X-Permitted-Cross-Domain-Policies<\/li>\n<li>X-Powered-By<\/li>\n<li>X-Robots-Tag<\/li>\n<li>X-UA-Compatible<\/li>\n<li>X-XSS-Protection<\/li>\n<\/ul>\n\n<!--section=installation-->\n<p>Upload the HTTP Headers plugin to your blog. Then activate it.<\/p>\n\n<p>That's all.<\/p>\n\n<!--section=faq-->\n<dl>\n<dt id='why%20to%20use%20this%20plugin%3F'><h3>Why to use this plugin?<\/h3><\/dt>\n<dd><p>Nowadays security of your social data at the web is essential. This plugin helps you to improve your website overall security.<\/p><\/dd>\n<dt id='who%20use%20these%20headers%3F'><h3>Who use these headers?<\/h3><\/dt>\n<dd><p>These HTTP headers are being used in production services by popular websites as Facebook, Google+, Twitter, LinkedIn, YouTube, Yahoo, Amazon, Instagram, Pinterest.<\/p><\/dd>\n\n<\/dl>\n\n<!--section=changelog-->\n<h4>1.19.2<\/h4>\n\n<p><em>Release Date - 22nd December, 2024<\/em><\/p>\n\n<ul>\n<li>Added \"script-src-elem\" directive to \"Content-Security-Policy\" header<\/li>\n<li>Added \"script-src-attr\" directive to \"Content-Security-Policy\" header<\/li>\n<li>Added \"style-src-elem\" directive to \"Content-Security-Policy\" header<\/li>\n<li>Added \"style-src-attr\" directive to \"Content-Security-Policy\" header<\/li>\n<\/ul>\n\n<h4>1.19.1<\/h4>\n\n<p><em>Release Date - 2nd September, 2023<\/em><\/p>\n\n<ul>\n<li>Added \"clientHints\" directive to \"Clear-Site-Data\" header<\/li>\n<li>Added \"credentialless\" directive to \"Cross-Origin-Embedder-Policy\" header<\/li>\n<\/ul>\n\n<h4>1.19.0<\/h4>\n\n<p><em>Release Date - 7th July, 2023<\/em><\/p>\n\n<ul>\n<li>Fixed: SSRF vulnerability by an Admin user<\/li>\n<li>Fixed: XSS vulnerability by an Admin user<\/li>\n<\/ul>\n\n<h4>1.18.11<\/h4>\n\n<p><em>Release Date - 11th June, 2023<\/em><\/p>\n\n<ul>\n<li>Fixed: Remote Code Execution by an Admin user<\/li>\n<\/ul>\n\n<h4>1.18.10<\/h4>\n\n<p><em>Release Date - 28th May, 2023<\/em><\/p>\n\n<ul>\n<li>Fixed: Remote Code Execution by an Admin user<\/li>\n<li>Removed: Import\/Export functions<\/li>\n<\/ul>\n\n<h4>1.18.9<\/h4>\n\n<p><em>Release Date - 23rd April, 2023<\/em><\/p>\n\n<ul>\n<li>Fixed: Remote Code Execution by an Admin user<\/li>\n<\/ul>\n\n<h4>1.18.8<\/h4>\n\n<p><em>Release Date - 17th April, 2023<\/em><\/p>\n\n<ul>\n<li>Fixed: SQL Injection by an Admin user<\/li>\n<li>Fixed: Remote Code Execution by an Admin user<\/li>\n<li>Few PHP 8.x compatible fixes<\/li>\n<\/ul>\n\n<h4>1.18.7<\/h4>\n\n<p><em>Release Date - 24th January, 2023<\/em><\/p>\n\n<ul>\n<li>Fix CSP default value<\/li>\n<\/ul>\n\n<h4>1.18.6<\/h4>\n\n<p><em>Release Date - 22nd January, 2023<\/em><\/p>\n\n<ul>\n<li>PHP 8 compatibility changes<\/li>\n<\/ul>\n\n<h4>1.18.5<\/h4>\n\n<p><em>Release Date - 30th April, 2021<\/em><\/p>\n\n<ul>\n<li>Configurable paths to files who store passwords for basic\/digest auth<\/li>\n<li>Fixed issue with plugin activation, due missing file<\/li>\n<\/ul>\n\n<h4>1.18.4<\/h4>\n\n<p><em>Release Date - 30th April, 2021<\/em><\/p>\n\n<ul>\n<li>Initial value of X-Robots-Tag fixed<\/li>\n<\/ul>\n\n<h4>1.18.3<\/h4>\n\n<p><em>Release Date - 30th April, 2021<\/em><\/p>\n\n<ul>\n<li>Added \"X-Robots-Tag\" header<\/li>\n<li>Added \"interest-cohort\", \"layout-animations\", \"legacy-image-formats\", \"oversized-images\", and \"wake-lock\" directive to \"Permissions-Policy\" header<\/li>\n<li>Added \"cross-origin\" value to \"Cross-Origin-Resource-Policy\" header<\/li>\n<li>Added \"navigate-to\" and \"prefetch-src\" directives to \"Content-Security-Policy\" header<\/li>\n<\/ul>\n\n<h4>1.18.2<\/h4>\n\n<p><em>Release Date - 24th April, 2021<\/em><\/p>\n\n<ul>\n<li>Configurable paths to .htaccess and .user.ini files<\/li>\n<\/ul>\n\n<h4>1.18.1<\/h4>\n\n<p><em>Release Date - 29th October, 2020<\/em><\/p>\n\n<ul>\n<li>Added \"allow-downloads\" and \"allow-top-navigation-by-user-activation\" to \"sandbox\" directive, part of CSP<\/li>\n<\/ul>\n\n<h4>1.18.0<\/h4>\n\n<p><em>Release Date - 20th September, 2020<\/em><\/p>\n\n<ul>\n<li>Added \"Permissions-Policy\" header<\/li>\n<li>Fixed \"Cookie Security\"<\/li>\n<\/ul>\n\n<h4>1.17.0<\/h4>\n\n<p><em>Release Date - 26th July, 2020<\/em><\/p>\n\n<ul>\n<li>Added \"Cross-Origin-Embedder-Policy\" header<\/li>\n<li>Added \"Cross-Origin-Opener-Policy\" header<\/li>\n<\/ul>\n\n<h4>1.16.1<\/h4>\n\n<p><em>Release Date - 23rd July, 2020<\/em><\/p>\n\n<ul>\n<li>Fixed JS\/CSS versioning<\/li>\n<\/ul>\n\n<h4>1.16.0<\/h4>\n\n<p><em>Release Date - 23rd July, 2020<\/em><\/p>\n\n<ul>\n<li>Added the \"NEL\" header<\/li>\n<li>Fixed the \"Report-To\" header<\/li>\n<\/ul>\n\n<h4>1.15.2<\/h4>\n\n<p><em>Release Date - 18th June, 2020<\/em><\/p>\n\n<ul>\n<li>Fixed a PHP Notice at \"Expires\" page<\/li>\n<li>Fixed comments in .user.ini file<\/li>\n<\/ul>\n\n<h4>1.15.1<\/h4>\n\n<p><em>Release Date - 9th May, 2020<\/em><\/p>\n\n<ul>\n<li>Fixed the \"Access-Control-Allow-Origin\" header<\/li>\n<\/ul>\n\n<h4>1.15.0<\/h4>\n\n<p><em>Release Date - 26th January, 2020<\/em><\/p>\n\n<ul>\n<li>Added the \"Cross-Origin-Resource-Policy\" header<\/li>\n<li>Removed the \"Public-Key-Pins\" header<\/li>\n<\/ul>\n\n<h4>1.14.2<\/h4>\n\n<p><em>Release Date - 25th November, 2019<\/em><\/p>\n\n<ul>\n<li>CORS headers updated (added \"Vary: Origin\")<\/li>\n<\/ul>\n\n<h4>1.14.1<\/h4>\n\n<p><em>Release Date - 15th September, 2019<\/em><\/p>\n\n<ul>\n<li>Simple filtering was replaced with Dynamic filtering<\/li>\n<\/ul>\n\n<h4>1.14.0<\/h4>\n\n<p><em>Release Date - 1st September, 2019<\/em><\/p>\n\n<ul>\n<li>Added the \"Content-Type\" header<\/li>\n<li>Fixed the \"Access-Control-Allow-Credentials\" header<\/li>\n<li>Improvement to \"Access-Control-Allow-Headers\" header<\/li>\n<li>Improvement to \"Access-Control-Allow-Methods\" header<\/li>\n<li>Improvement to \"Access-Control-Expose-Headers\" header<\/li>\n<li>Improvement to \"Cache-Control\" header<\/li>\n<li>Improvement to \"Vary\" header<\/li>\n<\/ul>\n\n<h4>1.13.4<\/h4>\n\n<p><em>Release Date - 14th July, 2019<\/em><\/p>\n\n<ul>\n<li>Added the \"always\" condition to Header (unset) directive<\/li>\n<li>Fixed the \"import\" function<\/li>\n<li>Fixed the \"Access-Control-Allow-Origin\" header<\/li>\n<\/ul>\n\n<h4>1.13.3<\/h4>\n\n<p><em>Release Date - 16th June, 2019<\/em><\/p>\n\n<ul>\n<li>Bugfix in \"WWW-Authenticate\" header<\/li>\n<li>Added support of Apache 2.4<\/li>\n<\/ul>\n\n<h4>1.13.2<\/h4>\n\n<p><em>Release Date - 13th June, 2019<\/em><\/p>\n\n<ul>\n<li>Bugfix in \"Content-Encoding\" header<\/li>\n<li>Bugfix in \"Vary\" header<\/li>\n<\/ul>\n\n<h4>1.13.1<\/h4>\n\n<p><em>Release Date - 8th June, 2019<\/em><\/p>\n\n<ul>\n<li>Added Brotli compression<\/li>\n<\/ul>\n\n<h4>1.13.0<\/h4>\n\n<p><em>Release Date - 7th June, 2019<\/em><\/p>\n\n<ul>\n<li>Added \"SameSite\" to Cookie Security<\/li>\n<li>Fixed import\/export function<\/li>\n<li>Code refactoring<\/li>\n<\/ul>\n\n<h4>1.12.2<\/h4>\n\n<p><em>Release Date - 5th April, 2019<\/em><\/p>\n\n<ul>\n<li>UI improvement for Content-Security-Policy <\/li>\n<li>Fix for Access-Control-Allow-Headers<\/li>\n<li>Fix for Access-Control-Allow-Origin<\/li>\n<li>Fix for Feature-Policy<\/li>\n<\/ul>\n\n<h4>1.12.1<\/h4>\n\n<p><em>Release Date - 9th January, 2019<\/em><\/p>\n\n<ul>\n<li>Remove direct calls to cURL<\/li>\n<\/ul>\n\n<h4>1.12.0<\/h4>\n\n<p><em>Release Date - 5th January, 2019<\/em><\/p>\n\n<ul>\n<li>Better handling of activate\/deactivate functions<\/li>\n<\/ul>\n\n<h4>1.11.0<\/h4>\n\n<p><em>Release Date - 9th December, 2018<\/em><\/p>\n\n<ul>\n<li>Added support of \"Clear-Site-Data\" header<\/li>\n<\/ul>\n\n<h4>1.10.5<\/h4>\n\n<p><em>Release Date - 6th November, 2018<\/em><\/p>\n\n<ul>\n<li>Hotfix: parallel work with third-party plugins<\/li>\n<\/ul>\n\n<h4>1.10.4<\/h4>\n\n<p><em>Release Date - 30th September, 2018<\/em><\/p>\n\n<ul>\n<li>Support of following Server APIs: CGI, FastCGI, PHP-FPM<\/li>\n<li>Error handling improvement<\/li>\n<\/ul>\n\n<h4>1.10.3<\/h4>\n\n<p><em>Release Date - 8th August, 2018<\/em><\/p>\n\n<ul>\n<li>HSTS improvement<\/li>\n<li>CORS improvement<\/li>\n<\/ul>\n\n<h4>1.10.2<\/h4>\n\n<p><em>Release Date - 31st July, 2018<\/em><\/p>\n\n<ul>\n<li>Export feature bug-fixed<\/li>\n<\/ul>\n\n<h4>1.10.1<\/h4>\n\n<p><em>Release Date - 18th July, 2018<\/em><\/p>\n\n<ul>\n<li>Feature-Policy header update: new features added<\/li>\n<\/ul>\n\n<h4>1.10.0<\/h4>\n\n<p><em>Release Date - 17th July, 2018<\/em><\/p>\n\n<ul>\n<li>Added support of \"Feature-Policy\" header<\/li>\n<\/ul>\n\n<h4>1.9.5<\/h4>\n\n<p><em>Release Date - 12th July, 2018<\/em><\/p>\n\n<ul>\n<li>CORS bugfix<\/li>\n<\/ul>\n\n<h4>1.9.4<\/h4>\n\n<p><em>Release Date - 13th January, 2018<\/em><\/p>\n\n<ul>\n<li>In-plugin security improvement<\/li>\n<\/ul>\n\n<h4>1.9.3<\/h4>\n\n<p><em>Release Date - 10th January, 2018<\/em><\/p>\n\n<ul>\n<li>Bug fix<\/li>\n<\/ul>\n\n<h4>1.9.2<\/h4>\n\n<p><em>Release Date - 4th January, 2018<\/em><\/p>\n\n<ul>\n<li>Security improvements<\/li>\n<\/ul>\n\n<h4>1.9.1<\/h4>\n\n<p><em>Release Date - 27th December, 2017<\/em><\/p>\n\n<ul>\n<li>Updated translations<\/li>\n<\/ul>\n\n<h4>1.9.0<\/h4>\n\n<p><em>Release Date - 23th December, 2017<\/em><\/p>\n\n<ul>\n<li>Added support of \"Report-To\" header<\/li>\n<li>Added support of translations<\/li>\n<li>Added support of Import\/Export<\/li>\n<li>Updated \"Content-Security-Policy\" header (added directives: object-src, frame-src, worker-src, manifest-src, base-uri, report-to)<\/li>\n<li>Updated \"WWW-Authenticate\" header (support multiple users)<\/li>\n<li>Updated \"Access-Control\" headers (added list of origins)<\/li>\n<\/ul>\n\n<h4>1.8.0<\/h4>\n\n<p><em>Release Date - 31st August, 2017<\/em><\/p>\n\n<ul>\n<li>Added support of \"Timing-Allow-Origin\" header<\/li>\n<li>Added support of \"X-Download-Options\" header<\/li>\n<li>Added support of \"X-DNS-Prefetch-Control\" header<\/li>\n<li>Added support of \"X-Permitted-Cross-Domain-Policies\" header<\/li>\n<li>Added support of Custom headers<\/li>\n<\/ul>\n\n<h4>1.7.1<\/h4>\n\n<p><em>Release Date - 18th August, 2017<\/em><\/p>\n\n<ul>\n<li>PHP notice bugfixed<\/li>\n<\/ul>\n\n<h4>1.7.0<\/h4>\n\n<p><em>Release Date - 15th August, 2017<\/em><\/p>\n\n<ul>\n<li>Added support of \"Content-Security-Policy-Report-Only\" header<\/li>\n<li>Added support of \"Public-Key-Pins-Report-Only\" header<\/li>\n<li>Added \"1; report=\" directive to the \"X-XSS-Protection\" header<\/li>\n<li>Added \"Inspect headers\" tool<\/li>\n<li>UI bugfixes<\/li>\n<\/ul>\n\n<h4>1.6.0<\/h4>\n\n<p><em>Release Date - 5th August, 2017<\/em><\/p>\n\n<ul>\n<li>Added support of \"Expect-CT\" header<\/li>\n<\/ul>\n\n<h4>1.5.0<\/h4>\n\n<p><em>Release Date - 30th July, 2017<\/em><\/p>\n\n<ul>\n<li>Added support of \"Age\" header <\/li>\n<li>Added support of \"Cache-Control\" header<\/li>\n<li>Added support of \"Connection\" header<\/li>\n<li>Added support of \"Content-Encoding\" header<\/li>\n<li>Added support of \"Expires\" header<\/li>\n<li>Added support of \"Pragma\" header<\/li>\n<li>Added support of \"Vary\" header<\/li>\n<li>Added support of \"WWW-Authenticate\" header<\/li>\n<li>Added support of \"X-Powered-By\" header<\/li>\n<li>Added support of \"Secure\" and \"HttpOnly\" cookies<\/li>\n<\/ul>\n\n<h4>1.4.0<\/h4>\n\n<p><em>Release Date - 5th July, 2017<\/em><\/p>\n\n<ul>\n<li>Added support of Apache (via htaccess) inclusion method<\/li>\n<\/ul>\n\n<h4>1.3.0<\/h4>\n\n<p><em>Release Date - 3rd June, 2017<\/em><\/p>\n\n<ul>\n<li>Added support of Content-Security-Policy header<\/li>\n<li>Added dashboard<\/li>\n<\/ul>\n\n<h4>1.2.0<\/h4>\n\n<p><em>Release Date - 28th April, 2017<\/em><\/p>\n\n<ul>\n<li>Added support of Referrer-Policy header<\/li>\n<\/ul>\n\n<h4>1.1.2<\/h4>\n\n<p><em>Release Date - 13th February, 2017<\/em><\/p>\n\n<ul>\n<li>Added support of 'preload' directive to HSTS header<\/li>\n<\/ul>\n\n<h4>1.1.1<\/h4>\n\n<p><em>Release Date - 8th November, 2016<\/em><\/p>\n\n<ul>\n<li>Fixed typo in the X-Frame-Options header<\/li>\n<\/ul>\n\n<h4>1.1.0<\/h4>\n\n<p><em>Release Date - 20th May, 2016<\/em><\/p>\n\n<ul>\n<li>Added support of P3P header<\/li>\n<\/ul>\n\n<h4>1.0.0<\/h4>\n\n<p><em>Release Date - 10th May, 2016<\/em><\/p>\n\n<ul>\n<li>Initial version<\/li>\n<\/ul>","raw_excerpt":"HTTP Headers adds CORS &amp; security HTTP headers to your website.","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/twd.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/45427","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/twd.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/twd.wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/twd.wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=45427"}],"author":[{"embeddable":true,"href":"https:\/\/twd.wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/zinoui"}],"wp:attachment":[{"href":"https:\/\/twd.wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=45427"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/twd.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=45427"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/twd.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=45427"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/twd.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=45427"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/twd.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=45427"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/twd.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=45427"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}