Update Security headers #4154

Open
wants to merge 10 commits into
base: main

Conversation

hardillb
Contributor

@hardillb hardillb commented Jul 10, 2024

fixes FlowFuse/secutiry#90

Description

  • Enables redirect to HTTPS for HTTP requests
  • Sets the STS to 30 days rather than just 1 hour
  • Patch up some more CSP resources for img-src, script-src & connect-src

Related Issue(s)

FlowFuse/secutiry#90

Checklist

  • I have read the contribution guidelines
  • Suitable unit/system level tests have been added and they pass
  • Documentation has been updated
    • Upgrade instructions
    • Configuration details
    • Concepts
  • Changes flowforge.yml?
    • Issue/PR raised on FlowFuse/helm to update ConfigMap Template
    • Issue/PR raised on FlowFuse/CloudProject to update values for Staging/Production

Labels

  • Includes a DB migration? -> add the area:migration label

codecov bot commented Jul 10, 2024

Codecov Report

Attention: Patch coverage is 0% with 4 lines in your changes missing coverage. Please review.

Project coverage is 78.74%. Comparing base (3dc892a) to head (1d6448c).
Report is 13 commits behind head on main.

| Files | Patch % | Lines |
|---|---|---|
| forge/forge.js | 0.00% | 4 Missing ⚠️ |

Additional details and impacted files
@@            Coverage Diff             @@
##             main    #4154      +/-   ##
==========================================
- Coverage   78.76%   78.74%   -0.03%     
==========================================
  Files         286      286              
  Lines       13053    13059       +6     
  Branches     2910     2912       +2     
==========================================
+ Hits        10281    10283       +2     
- Misses       2772     2776       +4     

| Flag | Coverage Δ |
|---|---|
| backend | 78.74% <0.00%> (-0.03%) ⬇️ |

@hardillb
Contributor Author

Reverted the http->https change as this can be done at the K8s/Ingress level and it broke the container liveness check

@hardillb hardillb requested a review from knolleary July 10, 2024 15:45
@hardillb hardillb marked this pull request as ready for review July 10, 2024 15:45