The following Web HTTP Security Headers are needed to set with proper values in web server to ensure effective application security .

X-Frame-Options, X-XSS-Protection, X-Content-Type-Options, HTTP-Strict-Transport-Security