Add support for HTTP header X-Permitted-Cross-Domain-Policies

- https://www.owasp.org/index.php/OWASP_Secure_Headers_Project#X-Permitted-Cross-Domain-Policies
- https://rorsecurity.info/portfolio/new-http-headers-for-more-security
- https://danielnixon.org/http-security-headers/