PHRAS-3859 add security headers : inital commit (#4324)

docker/phraseanet/php.ini.sample

@@ -1343,7 +1343,7 @@ session.use_strict_mode = 0
 session.use_cookies = 1
 
 ; http://php.net/session.cookie-secure
-;session.cookie_secure =
+session.cookie_secure = $COOKIE_SECURE
 
 ; This option forces PHP to fetch and use a cookie for storing and maintaining
 ; the session id. We encourage this operation as it's very helpful in combating