swampscrapper

Thank you Dimitar! Something odd is happening with the scans then. I have tried the scan from within the plugin /options-general.php?page=http-headers&tab=inspect and after toggling to “OFF” position and the X-content-type line remains. And as well, when running the scan from securityheaders.com it also remains. Perhaps this is just a caching issue? I did check .htaccess again it did appear to be removed there. I appreciate your time.

Hello thanks.

the testing website im using is wvf.localgalaxy.com

the csp evaluator is stating the frame-src setting is valid BUT, object-src is failing. Is this an issue w googles csp-evaluator?

cannot publish just returns error; new install.

yes far better productivity if you could remove the additional page load by adding an “Update” and back to Pages list.