June 6th, 2025

Improved

Implement Security Headers on `app.swif.ai`

Headers Implemented:

  • Strict-Transport-Security (HSTS): Enforces HTTPS.

  • Content-Security-Policy (CSP): Restricts content sources to mitigate XSS attacks.

  • X-Frame-Options: Prevents clickjacking.

  • X-Content-Type-Options: Protects against MIME-sniffing.

  • Referrer-Policy: Controls referral data sent to other domains.

  • Permissions-Policy: Restricts use of browser features like geolocation, camera, and microphone.
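One way to verify a deployment of the six headers listed above is to audit a response for their presence and for commonly weak values. This is an added example, not Swif's own code; the sample response, the function names and the specific value checks are assumptions, since the changelog does not state the header values in use.

```python
import re

# Constructed sample response headers for illustration (not captured from any real site).
SAMPLE = (
    "Strict-Transport-Security: max-age=31536000; includeSubDomains\n"
    "Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline'\n"
    "X-Frame-Options: SAMEORIGIN\n"
    "X-Content-Type-Options: nosniff\n"
    "Referrer-Policy: strict-origin-when-cross-origin\n"
)

def check_hsts(value):
    m = re.search(r'max-age="?(\d+)', value, re.I)
    if not m or int(m.group(1)) == 0:
        return "max-age missing or 0 (0 clears the HSTS entry)"

def check_csp(value):
    # Map each directive name to its lower-cased source list; first occurrence wins.
    directives = {}
    for part in value.split(";"):
        tokens = part.split()
        if tokens:
            directives.setdefault(tokens[0].lower(), [t.lower() for t in tokens[1:]])
    sources = directives.get("script-src", directives.get("default-src"))
    if sources is None:
        return "no script-src or default-src, scripts are unrestricted"
    if "'unsafe-inline'" in sources:
        return "script sources allow 'unsafe-inline'"

# One check per header from the changelog; each returns a problem string or None.
CHECKS = {
    "strict-transport-security": check_hsts,
    "content-security-policy": check_csp,
    "x-frame-options": lambda v: None if v.upper() in ("DENY", "SAMEORIGIN") else "expected DENY or SAMEORIGIN",
    "x-content-type-options": lambda v: None if v.lower() == "nosniff" else "expected nosniff",
    "referrer-policy": lambda v: "unsafe-url sends full URLs cross-origin" if "unsafe-url" in v.lower() else None,
    "permissions-policy": lambda v: None if v else "empty policy",
}

def audit(raw):
    """Return {header: 'ok' | 'missing' | problem} for raw 'Name: value' lines."""
    headers = {}
    for line in raw.splitlines():
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return {n: (check(headers[n]) or "ok") if n in headers else "missing" for n, check in CHECKS.items()}

if __name__ == "__main__":
    print("\n".join(f"{name}: {status}" for name, status in audit(SAMPLE).items()))
```

On the constructed sample, the audit reports `Permissions-Policy` as missing and flags the CSP for allowing inline scripts, while the other four headers pass.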