Remove security headers - too strict

for #323

src/Lifecycle.php

@@ -56,8 +56,6 @@ public function start():void {
 			])
 		);
 
-		$this->defaultSecurityHeaders($config->get("security.default_headers"));
-
 		$input = new Input($_GET, $_POST, $_FILES);
 		$cookie = new CookieHandler($_COOKIE);
 
@@ -125,18 +123,6 @@ public function start():void {
 		$this->finish($response);
 	}
 
-	/**
-	 * Set some sensible security headers by default. These can be
-	 * overridden/disabled in the project's config.ini, but it makes sense
-	 * to supply them by default in order to protect user applications
-	 * without the explicit need for security configuration.
-	 */
-	public function defaultSecurityHeaders(string $headersString) {
-		foreach(explode(";", $headersString) as $header) {
-			header(trim($header));
-		}
-	}
-
 	/**
 	 * By default, PHP passes all sensitive user information around in global variables,
 	 * available for reading and modification in any code, including third party libraries.