The new plugin release is focues on the security headers improvements, especially Content Security Policy and Feature Policy, including new rules and options, several improvements and few fixes.
Content Security Policy (CSP) is now easier to configure with the option to specify the list of CDN’s you use on your website (usually, it is just one, but you never know). If you specify one or more CDN’s, the plugin will automatically add required rules for JS, CSS, Images, and Fonts based on the list of CDN’s. And, CSP has new predefined rules for WordPress.org. The settings page for CSP has been also updated.
As for the Features Policy, this one has been expanded with more rules (most experimental, not supported by every browser), and the whole policy has been changed to the Permissions Policy header, with slightly different format. So, the plugin allows you to add both versions of the policy or just one of them. Again, this is supported in different ways by different browsers, so expect warnings by some browsers in some cases (not a big issue).
There are few fixes related to the building of headers, and few updates to included information about some of the rules and policies.
To see the list of all the changes in this version, please check out the changelog. If you find any issues with the new version, please, report them in the support forums.
