Add security headers for non-CLI execution

Add security headers conditionally for non-CLI requests

resources/require.php

@@ -89,11 +89,13 @@
 	$database = database::new(['config' => $config]);
 
 //security headers
-	header("X-Frame-Options: SAMEORIGIN");
-	header("Content-Security-Policy: frame-ancestors 'self';");
-	header("X-Content-Type-Options: nosniff");
-	header("Referrer-Policy: strict-origin-when-cross-origin");
-	//header("Strict-Transport-Security: max-age=63072000; includeSubDomains; preload");
+	if (!defined('STDIN')) {
+		header("X-Frame-Options: SAMEORIGIN");
+		header("Content-Security-Policy: frame-ancestors 'self';");
+		header("X-Content-Type-Options: nosniff");
+		header("Referrer-Policy: strict-origin-when-cross-origin");
+		//header("Strict-Transport-Security: max-age=63072000; includeSubDomains; preload");
+	}
 
 //start the session if not using the command line
 	global $no_session;