Some HTTP security headers in Minio.
To avoid problems with XSS and Clickjacking attacks.
X-Frame-Options
X-Frame-Options response header improve the protection
of web applications against Clickjacking. It declares a
policy communicated from a host to the client browser
on whether the browser must not display the transmitted
content in frames of other web pages.
X-XSS-Protection
This header enables the Cross-site scripting (XSS) filter in your browser.
rpc/v2/json2 code has a bug where it treats all jsonrpc 2.0
request params like an 'object'. In accordance with the spec
it could be both 'object' or an 'array'.
Handle both cases.
