how to fix content-secutiry policy issue and cookies encoding issue

we are using Kylo 0.8.3 currently .
issue-1

AppSec scanning giving - "Web Server misconfiguration" Missing "Content-Security-Policy" Header. How to fix the issue.
I am getting 'error while loading files....' when I navigate from Kylo UI. Is that related to above "Content-Security-Policy" issue? How to resolve the error on file loading while navigation from one tab to other in kylo?

issue-2
The cookies data is coming with base64 encoding which can easily be decoded by hacker. How to resolve the encoding issue identified by the AppSec scanner tool? We need a stronger encoding tech.

Please help on providing some insight on above 2 mentioned problems