Security header updates

Hi All

I need help with the security header updates for Chronograf. Do we have a file to address this setting?

X-Frame-Options:
Apache: Header always append X-Frame-Options SAMEORIGIN
nginx: add_header X-Frame-Options SAMEORIGIN;
HAProxy: rspadd X-Frame-Options:\ SAMEORIGIN
IIS:

X-XSS-Protection:
Apache: Header always set X-XSS-Protection “1; mode=block”
PHP: header(“X-XSS-Protection: 1; mode=block”);

X-Content-Type-Options:
Apache: Header always set X-Content-Type-Options: nosniff

HTTP Strict-Transport-Security:
Apache: Header always set Strict-Transport-Security “max-age=31536000; includeSubDomains”
Nginx: add_header Strict-Transport-Security max-age=31536000;

Thanks and Regards,
Deepthi