Add additional security-policy headers

We’d like to see DeveloperHub implement some additional security headers and policies on our hosted docs site, including:

• A Content-Security-Policy Header
  developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
• An X-Content-Type-Options header
  developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
• An X-Frame-Options Header
  developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
• And a Strict-Transport-Security
  developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security

Hey @Gabe_Kahen.

This is on our radar but it’s a big rework of how we serve the front end application. We aim to have this available in 2022.