Security related headers

[Anders Persson]

I would like to make sure that I always get  a set of security related headers in my responses. Anyone that have a Best Practice for that. For example 

Content-Security-Policy

Strict-Transport-Security

It would be nice to have these kind of helpers like

put_content_type_text_xml

If somebody guides me I can try to add some.

Regards

Anders

[Jocelyn Fiat]

Sorry I haven't noticed this message until now.

Indeed we can add the related helpers.

Let me come back to this a bit later, however if you already have a solution, don't hesitate to share.