NewResponseWriter creates a new ResponseWriter and Close func which will prevent Go's http.ResponseWriter default behavior of detecting the Content-Type.

DefaultHeaders contain CORS headers meant to prevent the execution of Javascript in compliant browsers.

DefaultUnsafeTypes are Content-Types that browsers will render as hypertext.

NoXSSResponseWriter implements http.ResponseWriter but prevents renderable Content-Types from being automatically detected.