Competely remove the X-Requested-With header
By default, WebView sends an X-Requested-With header with the application ID (com.stoutner.privacybrowser.standard) with every page load. It looks like it is possible to change the header, but not to leave it out (Lightning sends the header with a null value).
At a minimum, it would be nice to allow the user to set a custom header. Ultimately, we might need to embed a custom WebView to get full control of the functionality.