add permission policy & bump version

Author: zero-24

httpheader.xml

@@ -1,11 +1,11 @@
 <?xml version="1.0" encoding="utf-8"?>
 <extension version="3.9" type="plugin" group="system" method="upgrade">
 	<name>plg_system_httpheader</name>
-	<creationDate>24.03.2020</creationDate>
+	<creationDate>26.08.2020</creationDate>
 	<author>Tobias Zulauf</author>
 	<copyright>(C) 2017 - 2020 Tobias Zulauf All rights reserved.</copyright>
 	<authorUrl>https://www.jah-tz.de</authorUrl>
-	<version>1.0.12</version>
+	<version>1.0.13</version>
 	<license>GNU/GPL Version 2 or later</license>
 	<description>PLG_SYSTEM_HTTPHEADER_XML_DESCRIPTION</description>
 	<scriptfile>script.php</scriptfile>

language/de-DE/de-DE.plg_system_httpheader.ini

@@ -5,7 +5,7 @@ COM_PLUGINS_CSP_FIELDSET_LABEL="Content-Security-Policy (CSP)"
 COM_PLUGINS_HSTS_FIELDSET_LABEL="Strict-Transport-Security (HSTS)"
 PLG_SYSTEM_HTTPHEADER="System - HttpHeader"
 PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER="Statische HTTP Header definieren"
-PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_DESC="Über diese Option können allen unterstützten HTTP Headern auch eigene Werte zugewiesen werden, die Werte hier überschreiben alle vorherigen Konfigurationen!. Die unterstützen HTTP Header sind: <br><ul><li>Strict-Transport-Security</li><li>Content-Security-Policy</li><li>Content-Security-Policy-Report-Only</li><li>X-Frame-Options</li><li>X-XSS-Protection</li><li>X-Content-Type-Options</li><li>Referrer-Policy</li><li>Expect-CT</li><li>Feature-Policy</li></ul>"
+PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_DESC="Über diese Option können allen unterstützten HTTP Headern auch eigene Werte zugewiesen werden, die Werte hier überschreiben alle vorherigen Konfigurationen!. Die unterstützen HTTP Header sind: <br><ul><li>Strict-Transport-Security</li><li>Content-Security-Policy</li><li>Content-Security-Policy-Report-Only</li><li>X-Frame-Options</li><li>X-XSS-Protection</li><li>X-Content-Type-Options</li><li>Referrer-Policy</li><li>Expect-CT</li><li>Feature-Policy</li><li>Permission-Policy</li></ul>"
 PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_KEY="HTTP Header"
 PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_VALUE="HTTP Header Wert"
 PLG_SYSTEM_HTTPHEADER_CONTENTSECURITYPOLICY="<a href='https://scotthelme.co.uk/content-security-policy-an-introduction' target='_blank' rel='noopener noreferrer'>Content Security Policy (CSP)</a>"
@@ -49,4 +49,4 @@ PLG_SYSTEM_HTTPHEADER_XFRAMEOPTIONS="<a href='https://scotthelme.co.uk/hardening
 PLG_SYSTEM_HTTPHEADER_XFRAMEOPTIONS_DESC="Diese Option setzt den 'X-Frame-Options' Header mit dem Wert 'SAMEORIGIN' und sollte die Content-Security-Policy automatisch vom Plugin generiert werden wird zusätzlich die directive 'frame-ancestors' auf den Wert 'self' gesetzt."
 PLG_SYSTEM_HTTPHEADER_XML_DESCRIPTION="Dieses Plugin kann Security HTTP Header setzen"
 PLG_SYSTEM_HTTPHEADER_XXSSPROTECTION="<a href='https://scotthelme.co.uk/hardening-your-http-response-headers/#x-xss-protection' target='_blank' rel='noopener noreferrer'>X-XSS-Protection</a>"
-PLG_SYSTEM_HTTPHEADER_XXSSPROTECTION_DESC="Diese Option setzt den 'X-XSS-Protection' Header mit dem Wert '1; mode=block'"
+PLG_SYSTEM_HTTPHEADER_XXSSPROTECTION_DESC="Diese Option setzt den 'X-XSS-Protection' Header mit dem Wert '1; mode=block'"

language/en-GB/en-GB.plg_system_httpheader.ini

@@ -5,7 +5,7 @@ COM_PLUGINS_CSP_FIELDSET_LABEL="Content-Security-Policy (CSP)"
 COM_PLUGINS_HSTS_FIELDSET_LABEL="Strict-Transport-Security (HSTS)"
 PLG_SYSTEM_HTTPHEADER="System - HTTPHeaders"
 PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER="Force HTTP Headers"
-PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_DESC="Using this you can set different values from the default ones and also force headers. The supported headers are: <br><ul><li>Strict-Transport-Security</li><li>Content-Security-Policy</li><li>Content-Security-Policy-Report-Only</li><li>X-Frame-Options</li><li>X-XSS-Protection</li><li>X-Content-Type-Options</li><li>Referrer-Policy</li><li>Expect-CT</li><li>Feature-Policy</li></ul>"
+PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_DESC="Using this you can set different values from the default ones and also force headers. The supported headers are: <br><ul><li>Strict-Transport-Security</li><li>Content-Security-Policy</li><li>Content-Security-Policy-Report-Only</li><li>X-Frame-Options</li><li>X-XSS-Protection</li><li>X-Content-Type-Options</li><li>Referrer-Policy</li><li>Expect-CT</li><li>Feature-Policy</li><li>Permission-Policy</li></ul>"
 PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_KEY="HTTP Header"
 PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_VALUE="HTTP Header Value"
 PLG_SYSTEM_HTTPHEADER_CONTENTSECURITYPOLICY="<a href='https://scotthelme.co.uk/content-security-policy-an-introduction' target='_blank' rel='noopener noreferrer'>Content Security Policy (CSP)</a>"
@@ -45,4 +45,4 @@ PLG_SYSTEM_HTTPHEADER_REFERRERPOLICY_UNSAFE_URL="unsafe-url"
 PLG_SYSTEM_HTTPHEADER_XCONTENTTYPEOPTIONS="<a href='https://scotthelme.co.uk/hardening-your-http-response-headers/#x-content-type-options' target='_blank' rel='noopener noreferrer'>X-Content-Type-Options</a>"
 PLG_SYSTEM_HTTPHEADER_XFRAMEOPTIONS="<a href='https://scotthelme.co.uk/hardening-your-http-response-headers/#x-frame-options' target='_blank' rel='noopener noreferrer'>X-Frame-Options</a>"
 PLG_SYSTEM_HTTPHEADER_XML_DESCRIPTION="This Plugin helps you to set the HTTP Security Headers."
-PLG_SYSTEM_HTTPHEADER_XXSSPROTECTION="<a href='https://scotthelme.co.uk/hardening-your-http-response-headers/#x-xss-protection' target='_blank' rel='noopener noreferrer'>X-XSS-Protection</a>"
+PLG_SYSTEM_HTTPHEADER_XXSSPROTECTION="<a href='https://scotthelme.co.uk/hardening-your-http-response-headers/#x-xss-protection' target='_blank' rel='noopener noreferrer'>X-XSS-Protection</a>"

language/fr-FR/fr-FR.plg_system_httpheader.ini

@@ -7,7 +7,7 @@ COM_PLUGINS_HSTS_FIELDSET_LABEL="Strict Transport Security (HSTS)"
 COM_PLUGINS_CSP_FIELDSET_LABEL="Content Security Policy (CSP)"
 PLG_SYSTEM_HTTPHEADER="Système - En-têtes HTTP"
 PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER="Forcer les en-têtes HTTP"
-PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_DESC="Vous pouvez ainsi définir des valeurs différentes des valeurs par défaut et forcer les en-têtes. Les en-têtes supportés sont : <br><ul><li>Strict-Transport-Security</li><li>Content-Security-Policy</li><li>Content-Security-Policy-Report-Only</li><li>X-Frame-Options</li><li>X-XSS-Protection</li><li>X-Content-Type-Options</li><li>Referrer-Policy</li><li>Expect-CT</li><li>Feature-Policy</li></ul>"
+PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_DESC="Vous pouvez ainsi définir des valeurs différentes des valeurs par défaut et forcer les en-têtes. Les en-têtes supportés sont : <br><ul><li>Strict-Transport-Security</li><li>Content-Security-Policy</li><li>Content-Security-Policy-Report-Only</li><li>X-Frame-Options</li><li>X-XSS-Protection</li><li>X-Content-Type-Options</li><li>Referrer-Policy</li><li>Expect-CT</li><li>Feature-Policy</li><li>Permission-Policy</li></ul>"
 PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_KEY="En-tête HTTP"
 PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_VALUE="Valeur de l'en-tête HTTP"
 PLG_SYSTEM_HTTPHEADER_CONTENTSECURITYPOLICY="<a href='https://scotthelme.co.uk/content-security-policy-an-introduction' target='_blank' rel='noopener noreferrer'>Politique de sécurité du contenu (CSP)</a>"

language/it-IT/it-IT.plg_system_httpheader.ini

@@ -6,7 +6,7 @@ COM_PLUGINS_HSTS_FIELDSET_LABEL="Strict-Transport-Security (HSTS)"
 COM_PLUGINS_CSP_FIELDSET_LABEL="Content-Security-Policy (CSP)"
 PLG_SYSTEM_HTTPHEADER="System - HTTPHeaders"
 PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER="Forza Header HTTP"
-PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_DESC="Utilizzando quest'opzione puoi impostare valori differenti da quelli predefiniti e forzare gli header. Gli header supportati sono: <br><ul><li>Strict-Transport-Security</li><li>Content-Security-Policy</li><li>Content-Security-Policy-Report-Only</li><li>X-Frame-Options</li><li>X-XSS-Protection</li><li>X-Content-Type-Options</li><li>Referrer-Policy</li><li>Expect-CT</li><li>Feature-Policy</li></ul>"
+PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_DESC="Utilizzando quest'opzione puoi impostare valori differenti da quelli predefiniti e forzare gli header. Gli header supportati sono: <br><ul><li>Strict-Transport-Security</li><li>Content-Security-Policy</li><li>Content-Security-Policy-Report-Only</li><li>X-Frame-Options</li><li>X-XSS-Protection</li><li>X-Content-Type-Options</li><li>Referrer-Policy</li><li>Expect-CT</li><li>Feature-Policy</li><li>Permission-Policy</li></ul>"
 PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_KEY="Header HTTP"
 PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_VALUE="Valore Header HTTP"
 PLG_SYSTEM_HTTPHEADER_CONTENTSECURITYPOLICY="<a href='https://scotthelme.co.uk/content-security-policy-an-introduction' target='_blank' rel='noopener noreferrer'>Content Security Policy (CSP)</a>"

language/nl-NL/nl-NL.plg_system_httpheader.ini

@@ -6,7 +6,7 @@ COM_PLUGINS_HSTS_FIELDSET_LABEL="Strict-Transport-Security (HSTS)"
 COM_PLUGINS_CSP_FIELDSET_LABEL="Content-Security-Policy (CSP)"
 PLG_SYSTEM_HTTPHEADER="Systeem - HTTPHeaders"
 PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER="HTTP Headers forceren"
-PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_DESC="Hiermee kunt u andere waarden instellen dan de standaardwaarden en ook HTTP Headers forceren. De ondersteunde Headers zijn:<br><ul><li>Strict-Transport-Security</li><li>Content-Security-Policy</li><li>Content-Security-Policy-Report-Only</li><li>X-Frame-Options</li><li>X-XSS-Protection</li><li>X-Content-Type-Options</li><li>Referrer-Policy</li><li>Expect-CT</li><li>Feature-Policy</li></ul>"
+PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_DESC="Hiermee kunt u andere waarden instellen dan de standaardwaarden en ook HTTP Headers forceren. De ondersteunde Headers zijn:<br><ul><li>Strict-Transport-Security</li><li>Content-Security-Policy</li><li>Content-Security-Policy-Report-Only</li><li>X-Frame-Options</li><li>X-XSS-Protection</li><li>X-Content-Type-Options</li><li>Referrer-Policy</li><li>Expect-CT</li><li>Feature-Policy</li><li>Permission-Policy</li></ul>"
 PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_KEY="HTTP Header"
 PLG_SYSTEM_HTTPHEADER_ADDITIONAL_HEADER_VALUE="HTTP Header waarde"
 PLG_SYSTEM_HTTPHEADER_CONTENTSECURITYPOLICY="<a href='https://scotthelme.co.uk/content-security-policy-an-introduction' target='_blank' rel='noopener noreferrer'>Content Security Policy (CSP)</a>"

update.xml

@@ -1,18 +1,18 @@
 <?xml version="1.0" ?>
 <updates>
 	<update>
-		<name>HttpHeader 1.0.12</name>
+		<name>HttpHeader 1.0.13</name>
 		<description>HttpHeader Plugin</description>
 		<element>httpheader</element>
 		<type>plugin</type>
 		<folder>system</folder>
 		<client>site</client>
-		<version>1.0.12</version>
+		<version>1.0.13</version>
 		<infourl title="HttpHeader Plugin">https://github.com/zero-24/plg_system_httpheader</infourl>
 		<downloads>
-			<downloadurl type="full" format="zip">https://github.com/zero-24/plg_system_httpheader/releases/download/1.0.12/plg_system_httpheader.zip</downloadurl>
+			<downloadurl type="full" format="zip">https://github.com/zero-24/plg_system_httpheader/releases/download/1.0.13/plg_system_httpheader.zip</downloadurl>
 		</downloads>
-		<sha512>499aa7897a9640e5491d51375360d8267d659a6a4f3e5148bf7a06af7d57715aa9ac4c1ddadb2f197e0e9e230bcecd5be16ed6d0110a5962b43c3a0155ac4473</sha512>
+		<sha512>b2e3127dcb821a6b65bfc282685513ed4c6d87ec424b7350b709e53831fda090275116ee62b2fb9cef585df63b1924c622f1ab32d2745006afeaa107af9f1de7</sha512>
 		<tags>
 			<tag>stable</tag>
 		</tags>
@@ -22,24 +22,24 @@
 		<targetplatform name="joomla" version="3.([89]|10)"/>
 	</update>
 	<update>
-		<name>HttpHeader 1.0.12</name>
+		<name>HttpHeader 1.0.13</name>
 		<description>HttpHeader Plugin</description>
 		<element>httpheader</element>
 		<type>plugin</type>
 		<folder>system</folder>
 		<client>site</client>
-		<version>1.0.12</version>
+		<version>1.0.13</version>
 		<infourl title="HttpHeader Plugin">https://github.com/zero-24/plg_system_httpheader</infourl>
 		<downloads>
-			<downloadurl type="full" format="zip">https://github.com/zero-24/plg_system_httpheader/releases/download/1.0.12/plg_system_httpheader.zip</downloadurl>
+			<downloadurl type="full" format="zip">https://github.com/zero-24/plg_system_httpheader/releases/download/1.0.13/plg_system_httpheader.zip</downloadurl>
 		</downloads>
-		<sha512>499aa7897a9640e5491d51375360d8267d659a6a4f3e5148bf7a06af7d57715aa9ac4c1ddadb2f197e0e9e230bcecd5be16ed6d0110a5962b43c3a0155ac4473</sha512>
+		<sha512>b2e3127dcb821a6b65bfc282685513ed4c6d87ec424b7350b709e53831fda090275116ee62b2fb9cef585df63b1924c622f1ab32d2745006afeaa107af9f1de7</sha512>
 		<tags>
 			<tag>stable</tag>
 		</tags>
 		<maintainer>Tobias Zulauf</maintainer>
 		<maintainerurl>https://www.jah-tz.de</maintainerurl>
-		<php_minimum>7.0.0</php_minimum>
+		<php_minimum>7.2.5</php_minimum>
 		<targetplatform name="joomla" version="4.0"/>
 	</update>
 </updates>