Laravel Not Adding Custom Headers

Try this out: In the controller function that calls the view, follow with a call to the 'Response' class:

$contents = View::make('your_view')->with('data', $data);$response = Response::make($contents, 200);$response->header('X-Frame-Options','deny'); // Anti clickjacking$response->header('X-XSS-Protection', '1; mode=block'); // Anti cross site scripting (XSS)$response->header('X-Content-Type-Options', 'nosniff'); // Reduce exposure to drive-by dl attacks$response->header('Content-Security-Policy', 'default-src \'self\''); // Reduce risk of XSS, clickjacking, and other stuff    // Don't cache stuff (we'll be updating the page frequently)$response->header('Cache-Control', 'nocache, no-store, max-age=0, must-revalidate');$response->header('Pragma', 'no-cache');$response->header('Expires', 'Fri, 01 Jan 1990 00:00:00 GMT');return $response;

Of course you could refactor the above and include it in a helper function.

Also an option:

return Response::view('view_name', [    'data' => $data,  ])->header('X-Frame-Options','deny');

Found in: http://laravel.com/docs/4.2/responses#basic-responses

Look at Creating Custom Responses

return response($content)            ->header('Content-Type', $type)            ->header('X-Header-One', 'Header Value')            ->header('X-Header-Two', 'Header Value');

laravel 5.8