open_in_new content_copy 
/**
 * Security Headers 
 */

function add_security_headers() {
    header("Strict-Transport-Security: max-age=31536000; includeSubDomains; preload");
    //header("Content-Security-Policy: default-src 'self';");
    header("X-Frame-Options: SAMEORIGIN");
    header("X-Content-Type-Options: nosniff");
    header("Referrer-Policy: no-referrer-when-downgrade");
    header("Permissions-Policy: geolocation=(self), microphone=()");
}
add_action('send_headers', 'add_security_headers');