* Fix: advanced-headers.php did not generated CSP correctly
* Fix: Browsers support for new report-to reporting attribute not good enought to use it yet.
Dropped PHP header option in favor of advanced-headers.php
* Improvement: New default Referrer Policy => strict-origin-when-cross-origin
* Improvement: New default for X-XSS header
* Improvement: Dropped Expect-CT header as it's now deprecated, integrated by default in certificates
* Improvement: Updated Permissions Policy with improved defaults, updated to new values as currently supported in browsers
* Improvement: dropped access-control-allow-origin header, as it can only be used dynamically, which is not feasible in most WP environments
* Improvement: new languages
* Improvement: several small bug fixes and typo's
Fix: roll back new license check
* Improvement: language files
* Changed: license
Removed credentialless from CORP setting as it caused some issues with embedded videos
Fix: PHP <7 compatibility
* Improvement: fix site health still showing header notice if activated in pro
* Improvement: set ssl verify to false on failed license check
* Improvement: improved CORS settings
* Improvement: add support for report-to in CSP
* Improvement: increase CSP display limit