Need to configure AppGateway to return required security response headers

[slb-syang]

Currently, the mandatory HTTP response headers are not returned when a path is not found or JWT header is missing or invalid in a request. Need to return the following mandatory headers from App Gateway: "X-XSS-Protection" "X-Content-Type-Options" "X-Frame-Options" "Cache-Control "Expires" "Strict-Transport-Security"

This feature may be required or custom rules can be added.

[danielscholl]

This feature/code has fully migrated to GitLab.