
Update Security headers #4154

Merged
merged 11 commits into from
Jul 12, 2024

Conversation

hardillb
Contributor

@hardillb hardillb commented Jul 10, 2024

fixes FlowFuse/secutiry#90

Description

  • Enables redirect to HTTPS for HTTP requests
  • Sets the STS max-age to 30 days rather than just 1 hour
  • Patch up some more CSP resources for img-src, script-src & connect-src

Related Issue(s)

FlowFuse/secutiry#90

Checklist

  • I have read the contribution guidelines
  • Suitable unit/system level tests have been added and they pass
  • Documentation has been updated
    • Upgrade instructions
    • Configuration details
    • Concepts
  • Changes flowforge.yml?
    • Issue/PR raised on FlowFuse/helm to update ConfigMap Template
    • Issue/PR raised on FlowFuse/CloudProject to update values for Staging/Production

Labels

  • Includes a DB migration? -> add the area:migration label

codecov bot commented Jul 10, 2024

Codecov Report

Attention: Patch coverage is 44.44444% with 5 lines in your changes missing coverage. Please review.

Project coverage is 78.62%. Comparing base (3dc892a) to head (9f79647).
Report is 35 commits behind head on main.

Files            Patch %   Lines
forge/forge.js   44.44%    5 Missing ⚠️
Additional details and impacted files
@@            Coverage Diff             @@
##             main    #4154      +/-   ##
==========================================
- Coverage   78.76%   78.62%   -0.14%     
==========================================
  Files         286      286              
  Lines       13053    13097      +44     
  Branches     2910     2926      +16     
==========================================
+ Hits        10281    10298      +17     
- Misses       2772     2799      +27     
Flag      Coverage Δ
backend   78.62% <44.44%> (-0.14%) ⬇️


@hardillb
Contributor Author

Reverted the http->https change as this can be done at the K8s/Ingress level and it broke the container liveness check
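The header values this PR describes (a 30-day HSTS max-age and per-directive CSP allow-lists), plus the liveness-check caveat from the comment above, as an added illustration; this is not FlowFuse's forge.js code, and the CSP sources, hostname and /healthz path are constructed placeholders:

```javascript
// Added example, not FlowFuse's forge.js. Builds the security headers this PR
// describes and decides when a plain-HTTP request should be redirected to HTTPS,
// exempting a liveness-check path so a Kubernetes probe over HTTP keeps passing
// (the reason the in-app redirect was reverted in favour of the Ingress).

const THIRTY_DAYS_SECONDS = 30 * 24 * 60 * 60 // 2592000, the HSTS max-age this PR sets

// Constructed CSP allow-lists for illustration; the project's real list differs.
const CSP_SOURCES = {
  'default-src': ["'self'"],
  'script-src': ["'self'", 'https://scripts.example'],
  'img-src': ["'self'", 'data:', 'https://images.example'],
  'connect-src': ["'self'", 'wss://app.example']
}

// Serialise { directive: [sources] } into a single Content-Security-Policy value.
function buildCsp (sources) {
  return Object.entries(sources)
    .map(([directive, values]) => `${directive} ${values.join(' ')}`)
    .join('; ')
}

// Response headers to attach to every reply.
function securityHeaders () {
  return {
    'Strict-Transport-Security': `max-age=${THIRTY_DAYS_SECONDS}`,
    'Content-Security-Policy': buildCsp(CSP_SOURCES)
  }
}

// Returns the HTTPS URL to redirect to, or null when no redirect should happen.
// `req.proto` is the scheme the client used (X-Forwarded-Proto when behind an
// ingress); `livenessPath` is the probe endpoint that must stay reachable over HTTP.
function httpsRedirectTarget (req, { host, livenessPath = '/healthz' }) {
  if (req.proto === 'https') return null
  if (req.path === livenessPath) return null // keep the liveness probe working
  return `https://${host}${req.path}`
}
```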

@hardillb hardillb requested a review from knolleary July 10, 2024 15:45
@hardillb hardillb marked this pull request as ready for review July 10, 2024 15:45
@hardillb hardillb merged commit fc1a5dc into main Jul 12, 2024
13 of 14 checks passed
@hardillb hardillb deleted the security-headers branch July 12, 2024 09:09