Update gems (#1743) * Update gem: simplecov to 0.12.0 * Update gem: elasticsearch to 2.0.0. * Update gem: kaminari to 1.17.0. * Update gem: rdf to 2.0.2. * Update gem: rdf-rdfxml to 2.0.0. * Update gem: rdf-n3 to 2.0.0. * Update gem: rest-client to 2.0.0. * Update gem: secure_headers to 3.4.0. * Update gem: d3_rails to 4.1.1. * Update gem: poltergeist to 1.10.0. * Update gem: webmock to 2.1.0. * Update gem: yard to 0.9.5. * Add comment about exception_notification requirements. * Add comment about active_model_serializers requirements. * Bundle update. * Obey Hound.

Set X-Frame-Options to SAMEORIGIN

Update gem: secure_headers to 3.0.2. This version uses a Rack middleware to add the headers. As a consecience, we cannot test in rspec whether or not the headers are set. `curl -I http://localhost:3000` can be used to check the headers manually.

Update gem secure_headers to version 2.5.1 and migrate to 3.0 config Migration is done according to https://github.com/twitter/secureheaders/blob/4af0071ee2643e78be9bb495a1e622bb9d700a78/upgrading-to-3-0.md

Update gem secure_headers to 2.4.3 The "-src" values now need to be set separately. They won't be set implicitly by the gem.

Comment for CSP unsafe-inline cause.

CSP Headers modified should solve #381

secure_headers added