diff --git a/lib/private/api.php b/lib/private/api.php
index 6823a19881f6495c7c01c60d7f5c680cc807a32a..fb2110471b28d18d57a7e3851628b2e923603b51 100644
--- a/lib/private/api.php
+++ b/lib/private/api.php
@@ -350,6 +350,10 @@ class OC_API {
 			header('HTTP/1.0 401 Unauthorized');
 		}
 
+		foreach($result->getHeaders() as $name => $value) {
+			header($name . ': ' . $value);
+		}
+
 		if (self::isV2()) {
 			$statusCode = self::mapStatusCodes($result->getStatusCode());
 			if (!is_null($statusCode)) {
diff --git a/lib/private/ocs/result.php b/lib/private/ocs/result.php
index 1ee2982ac4a12530fa064b697fa5fede30382c8f..c4b0fbf33f3b2df6c43bbf763936cc59868d9cfe 100644
--- a/lib/private/ocs/result.php
+++ b/lib/private/ocs/result.php
@@ -27,7 +27,23 @@
 
 class OC_OCS_Result{
 
-	protected $data, $message, $statusCode, $items, $perPage;
+	/** @var array  */
+	protected $data;
+
+	/** @var null|string */
+	protected $message;
+
+	/** @var int */
+	protected $statusCode;
+
+	/** @var integer */
+	protected $items;
+
+	/** @var integer */
+	protected $perPage;
+
+	/** @var array */
+	private $headers = [];
 
 	/**
 	 * create the OCS_Result object
@@ -106,5 +122,32 @@ class OC_OCS_Result{
 		return ($this->statusCode == 100);
 	}
 
+	/**
+	 * Adds a new header to the response
+	 * @param string $name The name of the HTTP header
+	 * @param string $value The value, null will delete it
+	 * @return $this
+	 */
+	public function addHeader($name, $value) {
+		$name = trim($name);  // always remove leading and trailing whitespace
+		// to be able to reliably check for security
+		// headers
+
+		if(is_null($value)) {
+			unset($this->headers[$name]);
+		} else {
+			$this->headers[$name] = $value;
+		}
+
+		return $this;
+	}
+
+	/**
+	 * Returns the set headers
+	 * @return array the headers
+	 */
+	public function getHeaders() {
+		return $this->headers;
+	}
 
 }