get_array( 'browsercache.security.fp.values' ); $feature_policies = array( array( 'label' => 'accelerometer', 'description' => esc_html__( 'Controls whether the current document is allowed to gather information about the acceleration of the device through the Accelerometer interface.', 'w3-total-cache' ), ), array( 'label' => 'ambient-light-sensor', 'description' => esc_html__( 'Controls whether the current document is allowed to gather information about the amount of light in the environment around the device through the AmbientLightSensor interface.', 'w3-total-cache' ), ), array( 'label' => 'autoplay', 'description' => esc_html__( 'Controls whether the current document is allowed to autoplay media requested through the HTMLMediaElement interface.', 'w3-total-cache' ), ), array( 'label' => 'battery', 'description' => esc_html__( 'Controls whether the use of the Battery Status API is allowed. When this policy is disabled, the Promise returned by Navigator.getBattery() will reject with a NotAllowedError DOMException.', 'w3-total-cache' ), ), array( 'label' => 'camera', 'description' => esc_html__( 'Controls whether the current document is allowed to use video input devices.', 'w3-total-cache' ), ), array( 'label' => 'display-capture', 'description' => esc_html__( 'Controls whether or not the document is permitted to use Screen Capture API.', 'w3-total-cache' ), ), array( 'label' => 'document-domain', 'description' => esc_html__( 'Controls whether the current document is allowed to set document.domain.', 'w3-total-cache' ), ), array( 'label' => 'encrypted-media', 'description' => esc_html__( 'Controls whether the current document is allowed to use the Encrypted Media Extensions API (EME).', 'w3-total-cache' ), ), array( 'label' => 'execution-while-not-rendered', 'description' => esc_html__( 'Controls whether tasks should execute in frames while they\'re not being rendered (e.g. if an iframe is hidden or display: none).', 'w3-total-cache' ), ), array( 'label' => 'execution-while-out-of-viewport', 'description' => esc_html__( 'Controls whether tasks should execute in frames while they\'re outside of the visible viewport.', 'w3-total-cache' ), ), array( 'label' => 'fullscreen', 'description' => esc_html__( 'Controls whether the current document is allowed to use Element.requestFullScreen().', 'w3-total-cache' ), ), array( 'label' => 'gamepad', 'description' => esc_html__( 'Controls whether the current document is allowed to use the Gamepad API. When this policy is disabled, calls to Navigator.getGamepads() will throw a SecurityError DOMException, and the gamepadconnected and gamepaddisconnected events will not fire.', 'w3-total-cache' ), ), array( 'label' => 'geolocation', 'description' => esc_html__( 'Controls whether the current document is allowed to use the Geolocation Interface.', 'w3-total-cache' ), ), array( 'label' => 'gyroscope', 'description' => esc_html__( 'Controls whether the current document is allowed to gather information about the orientation of the device through the Gyroscope interface.', 'w3-total-cache' ), ), array( 'label' => 'layout-animations', 'description' => esc_html__( 'Controls whether the current document is allowed to show layout animations.', 'w3-total-cache' ), ), array( 'label' => 'legacy-image-formats', 'description' => esc_html__( 'Controls whether the current document is allowed to display images in legacy formats.', 'w3-total-cache' ), ), array( 'label' => 'magnetometer', 'description' => esc_html__( 'Controls whether the current document is allowed to gather information about the orientation of the device through the Magnetometer interface.', 'w3-total-cache' ), ), array( 'label' => 'microphone', 'description' => esc_html__( 'Controls whether the current document is allowed to use audio input devices.', 'w3-total-cache' ), ), array( 'label' => 'midi', 'description' => esc_html__( 'Controls whether the current document is allowed to use the Web MIDI API.', 'w3-total-cache' ), ), array( 'label' => 'navigation-override', 'description' => esc_html__( 'Controls the availability of mechanisms that enables the page author to take control over the behavior of spatial navigation, or to cancel it outright.', 'w3-total-cache' ), ), array( 'label' => 'oversized-images', 'description' => esc_html__( 'Controls whether the current document is allowed to download and display large images.', 'w3-total-cache' ), ), array( 'label' => 'payment', 'description' => esc_html__( 'Controls whether the current document is allowed to use the Payment Request API.', 'w3-total-cache' ), ), array( 'label' => 'picture-in-picture', 'description' => esc_html__( 'Controls whether the current document is allowed to play a video in a Picture-in-Picture mode via the corresponding API.', 'w3-total-cache' ), ), array( 'label' => 'publickey-credentials-get', 'description' => esc_html__( 'Controls whether the current document is allowed to use the Web Authentication API to retrieve already stored public-key credentials, i.e. via navigator.credentials.get({publicKey: ..., ...}).', 'w3-total-cache' ), ), array( 'label' => 'screen-wake-lock', 'description' => esc_html__( 'Controls whether the current document is allowed to use Screen Wake Lock API to indicate that device should not turn off or dim the screen.', 'w3-total-cache' ), ), array( 'label' => 'speaker', 'description' => esc_html__( 'Controls whether the current document is allowed to play audio via any methods.', 'w3-total-cache' ), ), array( 'label' => 'sync-xhr', 'description' => esc_html__( 'Controls whether the current document is allowed to make synchronous XMLHttpRequest requests.', 'w3-total-cache' ), ), array( 'label' => 'unoptimized-images', 'description' => esc_html__( 'Controls whether the current document is allowed to download and display unoptimized images.', 'w3-total-cache' ), ), array( 'label' => 'unsized-media', 'description' => esc_html__( 'Controls whether the current document is allowed to change the size of media elements after the initial layout is complete.', 'w3-total-cache' ), ), array( 'label' => 'usb', 'description' => esc_html__( 'Controls whether the current document is allowed to use the WebUSB API.', 'w3-total-cache' ), ), array( 'label' => 'vibrate', 'description' => esc_html__( 'Controls whether the current document is allowed to trigger device vibrations via Navigator.vibrate() method of Vibration API.', 'w3-total-cache' ), ), array( 'label' => 'vr', 'description' => esc_html__( 'Controls whether the current document is allowed to use the WebVR API. When this policy is disabled, the Promise returned by Navigator.getVRDisplays() will reject with a DOMException. Keep in mind that the WebVR standard is in the process of being replaced with WebXR.', 'w3-total-cache' ), ), array( 'label' => 'wake-lock', 'description' => esc_html__( 'Controls whether the current document is allowed to use Wake Lock API to indicate that device should not enter power-saving mode.', 'w3-total-cache' ), ), array( 'label' => 'web-share', 'description' => esc_html__( 'Controls whether or not the current document is allowed to use the Navigator.share() of Web Share API to share text, links, images, and other content to arbitrary destinations of user\'s choice, e.g. mobile apps.', 'w3-total-cache' ), ), array( 'label' => 'xr-spatial-tracking', 'description' => esc_html__( 'Controls whether the current document is allowed to use the WebXR Device API.', 'w3-total-cache' ), ), ); ?>

', '' ), array( 'acronym' => array( 'title' => array(), ), ) ); ?>

'browsercache.security.session.use_only_cookies', 'control' => 'selectbox', 'selectbox_values' => $security_session_values, 'description' => wp_kses( sprintf( // translators: 1 opening HTML acronym tag, 2 closing HTML acronym tag. __( 'This setting prevents attacks that are caused by passing session IDs in %1$sURL%2$ss.', 'w3-total-cache' ), '', '' ), array( 'acronym' => array( 'title' => array(), ), ) ), ) ); ?> 'browsercache.security.session.cookie_httponly', 'control' => 'selectbox', 'selectbox_values' => $security_session_values, 'description' => esc_html__( 'This tells the user\'s browser not to make the session cookie accessible to client side scripting such as JavaScript. This makes it harder for an attacker to hijack the session ID and masquerade as the effected user.', 'w3-total-cache' ), ) ); ?> 'browsercache.security.session.cookie_secure', 'control' => 'selectbox', 'selectbox_values' => $security_session_values, 'description' => esc_html__( 'This will prevent the user\'s session ID from being transmitted in plain text, making it much harder to hijack the user\'s session.', 'w3-total-cache' ), ) ); ?>
checkbox( 'browsercache.hsts' ); ?>

', '', '', '', '', '', '', '', '', '', '', '' ), array( 'acronym' => array( 'title' => array(), ), ) ); ?>

checkbox( 'browsercache.security.xfo' ); ?>

value="_config->get_string( 'browsercache.security.xfo.allow' ) ); ?>" size="50" placeholder="Enter URL" />
checkbox( 'browsercache.security.xss' ); ?>

', '' ), array( 'acronym' => array( 'title' => array(), ), ) ); ?>

checkbox( 'browsercache.security.xcto' ); ?>

checkbox( 'browsercache.security.pkp' ); ?>

', '', '', '', '', '' ), array( 'acronym' => array( 'title' => array(), ), ) ); ?>

value="_config->get_string( 'browsercache.security.pkp.pin' ) ); ?>" size="50" placeholder="Enter the Base64-Encode of the SHA256 Hash" />
', '', '', '' ), array( 'b' => array(), 'acronym' => array( 'title' => array(), ), ) ); ?>
value="_config->get_string( 'browsercache.security.pkp.pin.backup' ) ); ?>" size="50" placeholder="Enter the Base64-Encode of the SHA256 Hash" />
', '', '', '' ), array( 'b' => array(), 'acronym' => array( 'title' => array(), ), ) ); ?>
value="_config->get_string( 'browsercache.security.pkp.report.url' ) ); ?>" size="50" placeholder="Enter URL" />
', '' ), array( 'acronym' => array( 'title' => array(), ), ) ); ?>
checkbox( 'browsercache.security.referrer.policy' ); ?>

checkbox( 'browsercache.security.csp' ); ?>

', '', '', '' ), array( 'acronym' => array( 'title' => array(), ), ) ); ?>

value="_config->get_string( 'browsercache.security.csp.reporturi' ) ); ?>" size="50" placeholder="Example: https://endpoint.com" />
value="_config->get_string( 'browsercache.security.csp.reportto' ) ); ?>" size="50" placeholder="Example: csp-endpoint" />


value="_config->get_string( 'browsercache.security.csp.base' ) ); ?>" size="50" placeholder="Example: 'self' 'unsafe-inline' *.domain.com" />
', '' ), array( 'acronym' => array( 'title' => array(), ), ) ); ?>
value="_config->get_string( 'browsercache.security.csp.connect' ) ); ?>" size="50" placeholder="Example: 'self' 'unsafe-inline' *.domain.com" />
value="_config->get_string( 'browsercache.security.csp.font' ) ); ?>" size="50" placeholder="Example: 'self' 'unsafe-inline' *.domain.com" />
value="_config->get_string( 'browsercache.security.csp.frame' ) ); ?>" size="50" placeholder="Example: 'self' 'unsafe-inline' *.domain.com" />
value="_config->get_string( 'browsercache.security.csp.img' ) ); ?>" size="50" placeholder="Example: 'self' 'unsafe-inline' *.domain.com" />
value="_config->get_string( 'browsercache.security.csp.media' ) ); ?>" size="50" placeholder="Example: 'self' 'unsafe-inline' *.domain.com" />
value="_config->get_string( 'browsercache.security.csp.object' ) ); ?>" size="50" placeholder="Example: 'self' 'unsafe-inline' *.domain.com" />
value="_config->get_string( 'browsercache.security.csp.script' ) ); ?>" size="50" placeholder="Example: 'self' 'unsafe-inline' *.domain.com" />
value="_config->get_string( 'browsercache.security.csp.style' ) ); ?>" size="50" placeholder="Example: 'self' 'unsafe-inline' *.domain.com" />
', '' ), array( 'acronym' => array( 'title' => array(), ), ) ); ?>
value="_config->get_string( 'browsercache.security.csp.form' ) ); ?>" size="50" placeholder="Example: 'self' 'unsafe-inline' *.domain.com" />
', '' ), array( 'acronym' => array( 'title' => array(), ), ) ); ?>
value="_config->get_string( 'browsercache.security.csp.frame.ancestors' ) ); ?>" size="50" placeholder="Example: 'none'" />
value="_config->get_string( 'browsercache.security.csp.plugin' ) ); ?>" size="50" placeholder="Example: application/x-shockwave-flash" />
value="_config->get_string( 'browsercache.security.csp.sandbox' ) ); ?>" size="50" placeholder="Example: allow-popups" />
value="_config->get_string( 'browsercache.security.csp.child' ) ); ?>" size="50" placeholder="Example: 'self' 'unsafe-inline' *.domain.com" />
and