I managed to brick my site, what can I do?
If you set up strict CSP rules, your browser may have blocked certain resources (e.g. JavaScript / CSS). If you are unable to restore the settings via the dashboard, head over to the config file in /application/config/generated_overrides/http_headers/headers.php. You can remove a section, or change the value you think is causing issues.

How are the HTTP headers send?
The headers are sent with PHP, via a Middleware class. Technically it's also possible to configure your web server (e.g. Apache / Nginx) to send the headers, but that's not the case with this add-on.

Will you add different headers in the future?
Yes, but there are many and each header may have a different way of configuring. If you have requests, please let me know!

Will it conflict with other add-ons?
If other code (e.g. another add-on) is already sending a certain header, HTTP Headers will not overwrite the other header. The header will also not be duplicated. It will simply skip the header and move to the next.

A header is shown twice, how come?
Most likely your web server is configured to also send HTTP headers. The add-on cannot verify which headers are going to be sent by the web server. Please check the web server's configuration. For instance, I run Forge servers, but disabled all headers headers that were send by nginx from the config file. If that's not the case for you, it may be that another add-on is adding headers and is running after HTTP Headers, however that is not very likely.

What's the "Test" button for?
The form on the Test page runs a cURL request on your page and outputs the headers it receives. By doing so, you'd verify if the headers that you configured are present. Of course you'd also run your own cURL command, or open DevTools in Chrome (Network tab) to see the response headers.