/// <summary>
 /// Add X-XSS-Protection 1; report=http://site.com/report to all requests.
 /// A partially supported directive that tells the user-agent to report potential XSS attacks to a single URL. Data will be POST'd to the report URL in JSON format.
 /// </summary>
 /// <param name="policies">The collection of policies</param>
 /// <param name="reportUrl">The url to report potential XSS attacks to</param>
 public static HeaderPolicyCollection AddXssProtectionReport(this HeaderPolicyCollection policies, string reportUrl)
 {
     return(policies.ApplyPolicy(XssProtectionHeader.Block()));
 }
 /// <summary>
 /// Add X-XSS-Protection 1; mode=block to all requests.
 /// Enables XSS protections and instructs the user-agent to block the response in the event that script has been inserted from user input, instead of sanitizing.
 /// </summary>
 /// <param name="policies">The collection of policies</param>
 public static HeaderPolicyCollection AddXssProtectionBlock(this HeaderPolicyCollection policies)
 {
     return(policies.ApplyPolicy(XssProtectionHeader.Block()));
 }