Configurable Response Headers

[thatsjet]

As a security-minded website owner, I would like to be able to add relevant headers to secure the site, such as Content-Security-Policy: default-src='self' and X-Frame-Options: deny

[payton]

Ultimately, you would want to add another Lambda function that executes on Viewer Response. This function would then modify/add the relevant headers.

I'll leave this issue open as a feature request.