Allow the user to set custom security headers per environment.

The wanted security headers include:

X-XSS-Protection, X-Frame-Options, X-Content-Type-Options, Permissions-Policy, Referrer-Policy, Strict-Transport-Security, Content-Security-Policy

Content Security Policy would likely need a wizard as it is more complicated, and is more risky to set up.