bjpbkk

Forum Replies Created

Viewing 6 replies - 16 through 21 (of 21 total)
  • Thread Starter bjpbkk

    (@bjpbkk)

    In fact, the revise button in not working at all even on desktop. You can change the value, but nothing change for ads.

    There is no a décline all button ?

    Very desapointed

    same probleme for me

    Hi

    Sorry but it does not solve this small problem.

    I always have : Permissions-Policy : We detected an invalid directive, ” window-management”.

    Version 5.0.27 and I clean my cache.

    A link with the test

    Merci

    Good morning

    Thanks for this update. My site is A+ and I see no malfunction.

    I always have some errors with google :

    Error with Permissions-Policy header: Parse of permissions policy failed because of errors reported by structured header parser.

    Missing script-src directive. It allows the execution of insecure scripts. script-src High

    The absence of object-src makes it possible to inject plugins that run insecure scripts. Consider setting object-src to “none” if you can. object-src High

    and also : Permissions-Policy : We detected an invalid directive, ” window-management()”.

    Can you give some examples to add or remove permissions with the new interface?

    THANKS

    • This reply was modified 1 year, 8 months ago by bjpbkk.
    • This reply was modified 1 year, 8 months ago by bjpbkk.
    • This reply was modified 1 year, 8 months ago by bjpbkk.
    Thread Starter bjpbkk

    (@bjpbkk)

    In fact the Permissions-Policy is not working because wp-supercache. I don’t know why and what to do. If I find a solution, I will post it.

    To solve the problem with Strict-Transport-Security, I has this snippet :

    function subdomain_add_security_headers() {
    header(‘Strict-Transport-Security: max-age=63072000; includeSubdomains; preload’);
    }
    add_action(‘send_headers’, ‘subdomain_add_security_headers’);

    Thread Starter bjpbkk

    (@bjpbkk)

    Good morning

I installed the plugin on my main site. EDD seems to work. However, I have errors:

Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.

GET https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215653763757796445031%22,%22debug_reporting%22:true,%22destination%22:%22https://etsglobal. org%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22961899722%22],%224%22:[%2207 -09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213135409733739308865%22}&andc=true net::ERR_CONNECTION_CLOSED

The second problem is with HSTS:

Status: xxx.fr is not preloaded.

Eligibility: In order for xxx.fr to be eligible for preloading, the errors below must be resolved:

I had this Snippet and it's OK
function add_security_headers() {
header('Strict-Transport-Security: max-age=63072000; includeSubdomains; preload');
}
add_action('send_headers', 'add_security_headers');

The Permissions-Policy does not work.

I think these problems can be explained by maybe wp-supercache and also the functioning of my host:

The headers defined in a .htaccess file are only valid for non-PHP content (therefore static).

We use php-fpm which receives the different headers via apache fast_cgi. In the cgi_www RFC the "Strict-Transport-Security" header is not part of the headers passed via CGI and the apache doc httpd.apache.org/docs/2.2/howto/cgi.html confirms it. Read also https://www.ietf.org/rfc/rfc3875

Thank you for this very good plugin. Maybe you will have somme solutions.

Merci
Viewing 6 replies - 16 through 21 (of 21 total)