Add or Remove response header based on the user authorization or request url

Question

I need to add and remove response headers from the page based on the user authorization, for example if the current user in anonymous then the most secured headers must be i