Changeset 3048614

Timestamp:

03/10/2024 01:52:26 PM (5 months ago)

Author:

unicorn03

Message:

5.0.34

We don't want to tell you what to do, but here's the point: if you've updated the Headers Security Advanced & HSTS WP plugin last time, you've seen that when we suggest doing so, we don't just say it and leave it at that. Well, with this 5.0.34 version we've added and fixed a lot (we got rid of some bugs, tidied up some pesky pixels and updated the graphics) and it all works great. Are we agreed? Touch "update" and we'll provide you with the most beautiful, fastest, and most impressive plugin around. Enjoy!

• Upgrade: New feature to customize headers (X-Frame-Options and Permissions-Policy), if not customized will use an automated value from OWASP.
• Delete: deleted the 'X-XSS-Protection' header because this functionality is no longer in the standards path.

Location:

headers-security-advanced-hsts-wp/trunk

Files:

• changelog.txt (modified) (1 diff)
• headers-security-advanced-hsts-wp.php (modified) (4 diffs)
• readme.txt (modified) (3 diffs)

headers-security-advanced-hsts-wp/trunk/changelog.txt

@@ +1 @@
+
+
+
+
+
 = 5.0.30 =
 We don't want to tell you what to do, but here's the point: if you've updated the Headers Security Advanced & HSTS WP plugin last time, you've seen that when we suggest doing so, we don't just say it and leave it at that. Well, with this 5.0.30 version we've added and fixed a lot (we got rid of some bugs, tidied up some pesky pixels and updated the graphics) and it all works great. Are we agreed? Touch "update" and we'll provide you with the most beautiful, fastest, and most impressive plugin around. Enjoy!

headers-security-advanced-hsts-wp/trunk/headers-security-advanced-hsts-wp.php

@@ -4 +4 @@
  * Plugin URI: https://www.tentacleplugins.com/
  * Description: Headers Security Advanced & HSTS WP - Simple, Light and Fast. The plugin uses advanced security rules that provide huge levels of protection and it is important that your site uses it. This step is important to submit your website and/or domain to an approved HSTS list. Google officially compiles this list and it is used by Chrome, Firefox, Opera, Safari, IE11 and Edge. You can forward your site to the official HSTS preload directory. Cross Site Request Forgery (CSRF) is a common attack with the installation of Headers Security Advanced & HSTS WP will help you mitigate CSRF on your WordPress site.
- * Version: 5.0.33
+ * Version: 5.0.3
  * Text Domain: headers-security-advanced-hsts-wp
  * Domain Path: /languages
@@ -24 +24 @@
 }
 
-const HSTS_PLUGIN_VERSION = '5.0.33';
+const HSTS_PLUGIN_VERSION = '5.0.3';
 const HSTS_STANDARD_VALUE_CSP = 'upgrade-insecure-requests;';
 const HSTS_STANDARD_VALUE_PERMISSIONS_POLICY = 'accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(self), encrypted-media=(), fullscreen=*, geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=*, picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), xr-spatial-tracking=(), gamepad=(), serial=()';
@@ -43 +43 @@
     $headers['X-Content-Type-Options']                   = 'nosniff';
     $headers['X-Frame-Options']                          = hsts_plugin_get_x_frame_options_header();
-    $headers['X-XSS-Protection']                         = '1; mode=block';
     $headers['X-Permitted-Cross-Domain-Policies']        = 'none';
 
@@ -487 +486 @@
 
 function hsts_plugin_delete_old_options(): void {
-    // Last referenced by plugin version 5.0.33.
+    // Last referenced by plugin version 5.0.3.
     delete_option( 'HEADERS_SECURITY_ADVANCED_HSTS_WP_PLUGIN_VERSION' );
 }

headers-security-advanced-hsts-wp/trunk/readme.txt

@@ -2 +2 @@
 Contributors: unicorn03, unicorn07, erku, alexclassroom,
 Donate link: https://www.buymeacoffee.com/tentacleplugins
-Tags: headers security, hsts, http headers, insecure content, force ssl, headers, login security, xss, clickjacking, mitm, cross origin, cross site, privacy, csp
+Tags: headers security, hsts, h, csp
 Requires at least: 4.7
 Tested up to: 6.4
-Stable tag: 5.0.33
+Stable tag: 5.0.3
 Requires PHP: 7.4
 License: GPLv2 or later
@@ -25 +25 @@
 
   * HSA Limit Login to block brute force attacks.
-  * X-XSS-Protection
+  * X-XSS-Protection
   * Expect-CT
   * Access-Control-Allow-Origin
@@ -259 +259 @@
 == Changelog ==
 
-= 5.0.33 =
-We don't want to tell you what to do, but here's the point: if you've updated the Headers Security Advanced & HSTS WP plugin last time, you've seen that when we suggest doing so, we don't just say it and leave it at that. Well, with this 5.0.33 version we've added and fixed a lot (we got rid of some bugs, tidied up some pesky pixels and updated the graphics) and it all works great. Are we agreed? Touch "update" and we'll provide you with the most beautiful, fastest, and most impressive plugin around. Enjoy!
-- fix: Preparation with a graphical update on some functionalities.
-- New: New feature to customize headers (X-Frame-Options and Permissions-Policy), if not customized will use an automated value from OWASP.
+= 5.0.3 =
+We don't want to tell you what to do, but here's the point: if you've updated the Headers Security Advanced & HSTS WP plugin last time, you've seen that when we suggest doing so, we don't just say it and leave it at that. Well, with this 5.0.3 version we've added and fixed a lot (we got rid of some bugs, tidied up some pesky pixels and updated the graphics) and it all works great. Are we agreed? Touch "update" and we'll provide you with the most beautiful, fastest, and most impressive plugin around. Enjoy!
+- .
+- .