This release focuses on clearer error handling, automated URL submissions, and tighter security defaults so the site behaves more reliably in everyday use.
New error page: A dedicated error page is now in place, with a clear message, optional error details, and a quick link back to the homepage. This helps visitors understand what happened and recover faster.
IndexNow support: An IndexNow verification file and a new webhook endpoint were added to support automated URL submissions. This makes it easier to notify IndexNow when content URLs are provided to the endpoint.
New social image option: A new Social Image Square asset field is available, along with a matching 1080x1080 image transform. This provides a consistent square format for social sharing imagery.
Stronger default security headers: Additional browser security headers are now sent, including protections like stricter referrer handling, clickjacking mitigation, and HSTS. This helps reduce common classes of browser-based attacks.
Content Security Policy updates: CSP rules were updated to include required Typekit and BuySellAds domains, and to allow Craft update checks from the control panel. This helps prevent blocked assets and avoids issues when checking for updates.