Updated for protection against MIME & XSS based attacks

[yashdusing]

Updated headers to ajax call for protection against MIME and XSS based attacks

[Ram81]

@yashdusing can you use the methods listed in #459 to verify the changes you made for HTTP Headers works and mention the results here.

[yashdusing]

It shows up as unprotected (the same as shown in #459). Although I do have a doubt. 0.0.0.0:8000 is the home page site which has no headers on it. The headers are added to the ajax calls made to import/export or other apps so isn’t it supposed to show up not protected ?(unless we somehow added XSS protection to home page)

[yashdusing]

So 0.0.0.0:8000/layer_parameter also is shown as unprotected 😓. I will have to figure out why

[yashdusing]

Updated for main page with postman results