GD Security Headers version 1.2, brings support for the Feature Policy security header with total of 18 features included, and various improvements and new automatic rules for Content Security Policy.
This new version adds a new security header for the Feature Policy that is made up of various rules related to various features that the browser can expose to the website and underlying contexts (frames). This is a new header that is not widely used, but it is fully supported by Google Chrome and various other Chromium-based browsers.
Right now, this header supports 18 features, including a gyroscope, battery, microphone, video and many more. This addon will be updated in the future to include new features once they are approved and in use.
Content Security Policy addon now has few more predefined rules for Google YouTube, Google Tag Manager, Gravatar, Gleam and Vimeo. You can use these automatic rules to enable CSP rules for these services, instead of manually adding every rule that these services might need.
The plugin is available for free on WordPress.org, so check it out:
Let me know what you think about the new plugin, and if you have any questions or suggestions.
To see the list of all the changes in this version, please check out the changelog. If you find any issues with the new version, please, report them in the support forums.
