All data in the content that SSO produces and consumes is sanitized and output-encoded. We build our applications following established security best practices, including the OWASP guidance on injection (e.g. https://owasp.org/Top10/A03_2021-Injection/ ).

If specific security headers need to be set in addition, we recommend adding them at the reverse proxy or load balancer level, following the OWASP Secure Headers Project (https://owasp.org/www-project-secure-headers/). Note that Strict-Transport-Security is only meaningful on responses delivered over TLS, and with includeSubDomains and preload every subdomain must already be reachable over HTTPS before the domain is submitted to the preload list.

Below is an example security-header configuration for HAProxy 1.8 (haproxy18). Add these lines to the relevant frontend or backend section of the haproxy.cfg file:

    # Remove headers that fingerprint the origin server / framework
    http-response del-header Server
    http-response del-header X-Powered-By
    # HSTS: 15768000 s (six months), cover subdomains, allow preload-list submission.
    # Spaces inside the header value must be backslash-escaped in haproxy.cfg.
    http-response set-header Strict-Transport-Security max-age=15768000;\ includeSubDomains;\ preload
    # Stop browsers from MIME-sniffing responses away from the declared Content-Type
    http-response set-header X-Content-Type-Options nosniff
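After deploying the HAProxy rules it is worth verifying that the headers actually reach the client, since a misplaced directive or a backend that re-adds a header silently defeats the configuration. The following Python script is an added example, not code from the SSO product or from the original page: it parses a raw HTTP/1.x response, checks for the same four properties the haproxy.cfg snippet above is meant to produce (no Server or X-Powered-By, an HSTS header with max-age of at least 15768000 plus includeSubDomains and preload, and X-Content-Type-Options: nosniff) and returns a list of findings. The two sample responses, the header values in them and the finding texts are constructed for the example.

```python
"""Audit HTTP response headers against the HAProxy hardening above.
Added example, not part of the SSO product. Sample responses are constructed."""
from __future__ import annotations

# Constructed sample: what an origin server might send before the proxy rules apply.
RAW_BEFORE = b"""HTTP/1.1 200 OK\r
Server: Apache/2.4.41 (Ubuntu)\r
X-Powered-By: PHP/7.4.3\r
Content-Type: text/html; charset=utf-8\r
Content-Length: 0\r
\r
"""

# Constructed sample: the same response after the haproxy.cfg rules have run.
RAW_AFTER = b"""HTTP/1.1 200 OK\r
Content-Type: text/html; charset=utf-8\r
Strict-Transport-Security: max-age=15768000; includeSubDomains; preload\r
X-Content-Type-Options: nosniff\r
Content-Length: 0\r
\r
"""

MIN_HSTS_MAX_AGE = 15768000  # six months, the value used in the haproxy.cfg snippet


def parse_headers(raw: bytes) -> dict[str, list[str]]:
    """Parse the header block of a raw HTTP/1.x response into
    lower-cased name -> list of values (a header may legitimately repeat)."""
    head, _, _body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    headers: dict[str, list[str]] = {}
    for line in lines[1:]:  # lines[0] is the status line
        name, sep, value = line.partition(":")
        if not sep or not name.strip():
            continue  # blank or malformed line: skip rather than crash
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers


def parse_hsts(value: str) -> dict[str, str | None]:
    """Split an HSTS value into directive name -> value (None for bare flags).
    Directive names are case-insensitive; empty directives (trailing ';') are tolerated."""
    directives: dict[str, str | None] = {}
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue
        name, sep, val = part.partition("=")
        directives[name.strip().lower()] = val.strip().strip('"') if sep else None
    return directives


def check_headers(headers: dict[str, list[str]]) -> list[str]:
    """Return findings for headers the proxy should have removed or added.
    An empty list means every check passed."""
    findings: list[str] = []
    for leaky in ("server", "x-powered-by"):
        if leaky in headers:
            findings.append(f"{leaky} header present: {headers[leaky]}")
    hsts = headers.get("strict-transport-security")
    if not hsts:
        findings.append("strict-transport-security missing")
    else:
        d = parse_hsts(hsts[0])
        max_age = d.get("max-age")
        if max_age is None or not max_age.isdigit():
            findings.append("hsts max-age missing or not numeric")
        elif int(max_age) < MIN_HSTS_MAX_AGE:
            findings.append(f"hsts max-age {max_age} below {MIN_HSTS_MAX_AGE}")
        if "includesubdomains" not in d:
            findings.append("hsts lacks includeSubDomains")
        if "preload" not in d:
            findings.append("hsts lacks preload")
    xcto = headers.get("x-content-type-options", [])
    if not any(v.lower() == "nosniff" for v in xcto):
        findings.append("x-content-type-options is not 'nosniff'")
    return findings


def audit(raw: bytes) -> list[str]:
    """Convenience wrapper: raw response bytes -> list of findings."""
    return check_headers(parse_headers(raw))


if __name__ == "__main__":
    for label, raw in (("before", RAW_BEFORE), ("after", RAW_AFTER)):
        findings = audit(raw)
        print(f"{label}: {'OK' if not findings else str(len(findings)) + ' finding(s)'}")
        for f in findings:
            print("  -", f)
```

Against a live deployment the same check can be fed the output of `curl -sI https://<host>/` (the script expects CRLF line endings, which curl preserves when writing to a file). Checking only the first HSTS value is deliberate: browsers use the first occurrence, so a second, weaker copy added by a backend would not be what the client enforces.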
