I have an Angular application using Angular 17, and after a Qualys scan, some security issues were found. We have implemented Helmet at the API level, but now the scan is showing UI issues. To fix this issue, do we need to write code in Angular or configure the server where Angular is deployed? The Angular application is hosted on an AKS (Azure Kubernetes Service) cluster and is not using Nginx. Please find the issue from the Qualys scan

• 150202 Missing header: X-Content-Type-Options • 150206 Content-Security-Policy Not Implemented • 150208 Missing header: Referrer-Policy • 150248 Missing header: Permissions-Policy • 150789 MIME Type Mismatch • 150135 HTTP Strict Transport Security (HSTS) header missing or misconfigured • 150245 Missing header: X-Frame-Options • 150246 Path-relative stylesheet import • 150124 Clickjacking - Framable Page

Vulnerability , Path Disclosure , Information Disclosure , Information Gathered Scan Diagnostics, Security Weaknesses