Ajouter les entêtes HTTP de sécurité

            // Add HTTP security headers
            $this->response->header('X-Frame-Options', 'DENY');
            $this->response->header('X-Content-Type-Options', 'nosniff');
            $this->response->header('X-XSS-Protection', '1; mode=block');
            $this->response->header('Referrer-Policy', 'strict-origin-when-cross-origin');

            // The following HTTP security headers are not yet implemented
                // $this->response->header('Strict-Transport-Security', 'max-age=31536000');
                // $this->response->header('Content-Security-Policy', "default-src 'self' statistiques.adullact.org;");