Add Security Headers #45
Description
Security headers need to be added to the deployments. DoE requires HSTS in particular. Preloading not necessary. This may require the addition of a reverse proxy (nginx).
Current score on Mozilla Observatory is zero. Let’s shoot for an A+.
Also, let’s suppress the Express identification header.