We have deployed a custom Angular application to SAP Cloud Platform NeoEnvironment, using HTML5 applications deployment option. During a security review of the application, our security team raised a few issues regarding headers received in response. When a request is performed to the application, we can see following response headers(as in attachment):
We would like to add custom response headers, such as:
X-Frame-Options: deny
X-Content-Type-Options: nosniff
Are there any options available to add custom headers via server configuration?