diff --git a/config.php b/config.php
index 0d18a58..20c4747 100644
--- a/config.php
+++ b/config.php
@@ -12,6 +12,13 @@
 // Default password (NOT RECOMMENDED - DANGEROUS)
 // $user_pass = 'goodpassword';
 
+/**
+  * Security settings
+  */
+// Allowed frame ancestors e.g. your cloud URL incl. https:// (if you want to open the script from external sites app)
+// Multiple URLs can be set by separating them with a space
+// $frame_ancestors = 'https://cloud.example.com';
+
 /**
   * Folder settings
   */
diff --git a/email.php b/email.php
index 23732fc..2b767fd 100644
--- a/email.php
+++ b/email.php
@@ -1,9 +1,11 @@
 <?php
 
-  session_start();
   $active_page = 'email';
   require_once 'functions.php';
   include_once 'config.php';
+
+  session_secure_start();
+
   require_once 'l10n/'.$_SESSION['language'].'.php';
 
   if(!$_SESSION['authenticated']) {
diff --git a/functions.php b/functions.php
index eb211b7..b9eb7e5 100644
--- a/functions.php
+++ b/functions.php
@@ -418,7 +418,7 @@ function select_data_single_user(
       $item_data = $item == 'percentage_used'
         ? (in_array($quota, [-3, 0, 'none'])
           ? 'N/A'
-          : round(($used / $quota * 100), 1))
+          : round($used / $quota * 100, 1))
         : $data['ocs']['data'][$item];
 
       // Filter/format different data sets
@@ -859,11 +859,11 @@ function build_table_user_data($user_data) {
     for($col = 0; $col < sizeof($user_data[$row]); $col++) {
       $selected_data = $user_data[$row][$col];
 
-      $color_text = ($selected_data === 'N/A')
+      $color_text = $selected_data === 'N/A'
         ? ' color: grey;'
         : ' color: unset;';
 
-      $align = (in_array($col, $keypos_right_align, true))
+      $align = in_array($col, $keypos_right_align, true)
         ? 'text-align: right; white-space: nowrap;'
         : (in_array($col, $keypos_center_align, true)
           ? 'text-align: center;'
@@ -946,23 +946,28 @@ function build_table_groupfolder_data() {
 
   // Iterate through collected user data by row and column, build HTML table
   foreach($_SESSION['raw_groupfolders_data']['ocs']['data'] as $groupfolder) {
+
     $groups = build_csv_line($groupfolder['groups'], true, ', ');
 
-    $manager = null;
-    foreach($groupfolder['manage'] as $item)
-      $manager = $item['id'];
+    $manager = build_csv_line($groupfolder['manage'], false, ', ', 'id', 'type');
 
-    $acl = ($groupfolder['acl'])
+    $acl = $groupfolder['acl']
       ? '<span style="color: green">&#10004;</span>'
       : null;
 
-    $percent_used = round($groupfolder['size'] / $groupfolder['quota'] * 100,2);
+    $percent_used = $groupfolder['quota'] == -3
+      ? 'N/A'
+      : round($groupfolder['size'] / $groupfolder['quota'] * 100, 1);
+
+    $color_text = $percent_used === "N/A"
+      ? "style='color: grey;'"
+      : "";
 
     $table_groupfolder_data .= "<tr><td>".utf8_decode($groupfolder['id'])."</td>
-      <td>".$groupfolder['mount_point']."</td>
+      <td>{$groupfolder['mount_point']}</td>
       <td>$groups</td>
       <td class='align_r'>".format_size($groupfolder['size'])."</td>
-      <td class='align_r'>".round($percent_used, 1)."</td>
+      <td class='align_r'$color_text>$percent_used</td>
       <td class='align_r'>".format_size($groupfolder['quota'])."</td>
       <td class='align_c'>$acl</td>
       <td>$manager</td></tr>";
@@ -1142,9 +1147,7 @@ function build_groupfolder_data($array = null) {
   foreach($_SESSION['raw_groupfolders_data']['ocs']['data'] as $groupfolder) {
     $groups = build_csv_line($groupfolder['groups'], true, ', ');
 
-    $manager = null;
-    foreach($groupfolder['manage'] as $item)
-      $manager = $item['id'];
+    $manager = build_csv_line($groupfolder['manage'], false, ', ', 'id', 'type');
 
     if(!$array)
       $acl = ($groupfolder['acl'])
@@ -1153,7 +1156,7 @@ function build_groupfolder_data($array = null) {
     else
       $acl = $groupfolder['acl'];
 
-    $percent_used = round(($groupfolder['size'] / $groupfolder['quota'] * 100),1);
+    $percent_used = round($groupfolder['size'] / $groupfolder['quota'] * 100, 1);
 
     $groupfolder_data = [$groupfolder['id'],$groupfolder['mount_point'],
       $groups,format_size($groupfolder['size']),$percent_used,
@@ -1180,12 +1183,21 @@ function build_groupfolder_data($array = null) {
   * @return $csv_line   CSV formatted string
   *
   */
-function build_csv_line($array = null, $return_key = false, $delimiter = ',') {
+function build_csv_line($array = null, $return_key = false, $delimiter = ',',
+    $subarray_id = null, $subarray_type = null) {
+
   $array = $array ?? $_SESSION['data_choices'];
 
   $i = 0;
   foreach($array as $key => $item) {
-    if ($return_key)
+
+    if($subarray_id)
+      $item = $subarray_type
+        ? "{$item[$subarray_id]} ({$item[$subarray_type]})"
+        : $item[$subarray_id];
+
+
+    if($return_key)
       $csv_line .= ($i === 0)
         ? $key
         : $delimiter.$key;
@@ -1194,8 +1206,10 @@ function build_csv_line($array = null, $return_key = false, $delimiter = ',') {
         ? $item
         : $delimiter.$item;
     $i++;
+
   }
   return $csv_line;
+
 }
 
 /**
@@ -1208,10 +1222,12 @@ function build_csv_line($array = null, $return_key = false, $delimiter = ',') {
   *
   */
 function format_size($size) {
-  if ($size === 0)
+  if($size === 0)
     return "0 MB";
-  if ($size === null)
+  if($size === null)
     return '-';
+  if($size == -3)
+    return '∞ GB';
 
   $s = array('B', 'KB', 'MB', 'GB', 'TB', 'PB', 'EB', 'ZB', 'YB');
   $e = floor(log($size, 1024));
@@ -1250,3 +1266,22 @@ function random_str(
       $pieces []= $keyspace[random_int(0, $max)];
     return implode('', $pieces);
 }
+
+function set_security_headers() {
+
+  include 'config.php';
+
+  header("X-Content-Type-Options: nosniff");
+  header("Content-Security-Policy: frame-ancestors 'self' $frame_ancestors");
+  header("X-Robots-Tag: none");
+  header("Referrer-Policy: same-origin");
+
+}
+
+function session_secure_start() {
+
+  session_set_cookie_params(
+      '3600', '/', $_SERVER['SERVER_NAME'], isset($_SERVER["HTTPS"]), true);
+  session_start();
+
+}
diff --git a/groupfolders.php b/groupfolders.php
index 2988f02..8acece0 100644
--- a/groupfolders.php
+++ b/groupfolders.php
@@ -1,9 +1,11 @@
 <?php
 
-  session_start();
   $active_page = 'groupfolders';
   require_once 'functions.php';
   include_once 'config.php';
+
+  session_secure_start();
+
   require_once 'l10n/'.$_SESSION['language'].'.php';
 
   echo "<html lang='{$_SESSION['language']}'>";
diff --git a/groupfolders_detail.php b/groupfolders_detail.php
index 64e1d09..af97528 100644
--- a/groupfolders_detail.php
+++ b/groupfolders_detail.php
@@ -1,9 +1,11 @@
 <?php
 
-  session_start();
   $active_page = 'groupfolders';
   require_once 'functions.php';
   include_once 'config.php';
+
+  session_secure_start();
+
   require_once 'l10n/'.$_SESSION['language'].'.php';
 
   $export_type = $_POST['export_type'];
diff --git a/groups.php b/groups.php
index 2c37633..4f47b8c 100644
--- a/groups.php
+++ b/groups.php
@@ -1,9 +1,11 @@
 <?php
 
-  session_start();
   $active_page = 'groups';
   require_once 'functions.php';
   include_once 'config.php';
+
+  session_secure_start();
+
   require_once 'l10n/'.$_SESSION['language'].'.php';
 
   echo "<html lang='{$_SESSION['language']}'>";
diff --git a/groups_detail.php b/groups_detail.php
index 9a1ecee..fdec4a2 100644
--- a/groups_detail.php
+++ b/groups_detail.php
@@ -1,9 +1,11 @@
 <?php
 
-  session_start();
   $active_page = 'groups';
   require_once 'functions.php';
   include_once 'config.php';
+
+  session_secure_start();
+
   require_once 'l10n/'.$_SESSION['language'].'.php';
 
   $export_type = $_POST['export_type'];
diff --git a/index.php b/index.php
index bc3d96f..c9942d4 100644
--- a/index.php
+++ b/index.php
@@ -1,10 +1,11 @@
 <?php
 
-  session_start();
   $active_page = "index";
   require_once 'functions.php';
   include_once 'config.php';
 
+  session_secure_start();
+
   /**
   * Get parameters if any, set defaults
   */
@@ -22,8 +23,9 @@
     session_destroy();
     session_write_close();
     setcookie(session_name(),'',0,'/');
-    
+
     header('Location: index.php');
+
   }
 
   $target_url = filter_input(INPUT_GET, 'url', FILTER_SANITIZE_URL)
@@ -82,6 +84,7 @@
     calculate_quota();
   }
 
+  set_security_headers();
   echo "<html lang='{$_SESSION['language']}'>";
 
 ?>
diff --git a/statistics.php b/statistics.php
index d3f5ade..bd65b98 100644
--- a/statistics.php
+++ b/statistics.php
@@ -1,9 +1,11 @@
 <?php
 
-  session_start();
   $active_page = 'statistics';
   require_once 'functions.php';
   include_once 'config.php';
+
+  session_secure_start();
+
   require_once 'l10n/'.$_SESSION['language'].'.php';
 
   echo "<html lang='{$_SESSION['language']}'>"
diff --git a/users.php b/users.php
index 90425e8..603e19c 100644
--- a/users.php
+++ b/users.php
@@ -1,9 +1,11 @@
 <?php
 
-  session_start();
   $active_page = 'users';
   require_once 'functions.php';
   include_once 'config.php';
+
+  session_secure_start();
+
   require_once 'l10n/'.$_SESSION['language'].'.php';
 
   $export_type = $_SESSION['export_type'];
diff --git a/users_detail.php b/users_detail.php
index 4f66cfe..8c98337 100644
--- a/users_detail.php
+++ b/users_detail.php
@@ -1,9 +1,11 @@
 <?php
 
-  session_start();
   $active_page = 'users';
   require_once 'functions.php';
   include_once 'config.php';
+
+  session_secure_start();
+
   require_once 'l10n/'.$_SESSION['language'].'.php';
 
   // Filter POST array and save keys with value 'true' as constant
@@ -13,7 +15,7 @@
     header('Content-Type: text/html; charset=utf-8');
     exit(L10N_ERROR . L10N_SELECT_AT_LEAST_ONE_COLUMN . L10N_RETURN_TO_FORM);
   }
-    
+
   $_SESSION['filters_set'] = array_keys($_POST, 'set_filter');
   $_SESSION['filter_group'] = $_POST['filter_group'] ?? null;
   $_SESSION['filter_ll_since'] = $_POST['filter_ll_since'] ?? null;
@@ -78,7 +80,7 @@ function sortTable() {
     <?php
 
     include 'navigation.php';
-    
+
     if(!$_SESSION['authenticated']) {
       header('Content-Type: text/html; charset=utf-8');
       exit('<br>'.L10N_CONNECTION_NEEDED);