How to add security headers in response

We really need to see this added as well. It looks like they’ve added some of them here:

But not all the necessary headers. This is also a highly-voted feature request.