From 89a62019f9ab79704de80c4f61c63ad9ccd8d5a9 Mon Sep 17 00:00:00 2001
From: Kate Walsh <kate@kanopi.com>
Date: Tue, 7 Jan 2025 18:47:16 -0500
Subject: [PATCH] Update 02-wordpress-best-practices.md

Permissions-Policy requires a comma between features, see [MDN](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Permissions-Policy#examples)
---
 .../guides/wordpress-developer/02-wordpress-best-practices.md   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/source/content/guides/wordpress-developer/02-wordpress-best-practices.md b/source/content/guides/wordpress-developer/02-wordpress-best-practices.md
index c64ea3dd49..50cbcd7f38 100644
--- a/source/content/guides/wordpress-developer/02-wordpress-best-practices.md
+++ b/source/content/guides/wordpress-developer/02-wordpress-best-practices.md
@@ -133,7 +133,7 @@ function additional_securityheaders( $headers ) {
     $headers['Referrer-Policy']             = 'no-referrer-when-downgrade'; //This is the default value, the same as if it were not set.
     $headers['X-Content-Type-Options']      = 'nosniff';
     $headers['X-XSS-Protection']            = '1; mode=block';
-    $headers['Permissions-Policy']          = 'geolocation=(self "https://example.com") microphone=() camera=()';
+    $headers['Permissions-Policy']          = 'geolocation=(self "https://example.com"), microphone=(), camera=()';
     $headers['Content-Security-Policy']     = "script-src 'self'";
     $headers['X-Frame-Options']             = 'SAMEORIGIN';
   }