* feat: add CSP and other security related headers in the oCIS proxy service
* fix: consolidate security related headers - drop middleware.Secure
* fix: use github.com/DeepDiver1975/secure
* fix: acceptance tests
* feat: support env var replacements in csp.yaml
TLS for the services can be configure by setting the "OCIS_HTTP_TLS_ENABLED",
"OCIS_HTTP_TLS_CERTIFICATE" and "OCIS_HTTP_TLS_KEY" environment variables.
Currently the ocis proxy is this only service that directly accesses backend
services. It determines whether to use TLS or not by looking a the new registry
metadata "use_tls". As specific CA Cert for certificate verification
can be set with the "PROXY_HTTPS_CACERT" environment variable.
