Investigate supporting CSP

[askvortsov1]

Needs an investigation, replace this issue description when done.

[tankerkiller125]

I will post an update to this in a couple days, I intend to have the feature at the minimum make it to the next major release. (Given adding it would likely break extensions using external resources)

[tankerkiller125]

So basic first step, I've found what I think are two suitable libraries for this to automatically build CSP headers for us:

• https://github.com/martijnc/php-csp
  • Seems like a fairly solid choice
  • Easy to use
  • Supports things like nounces and hashes
• https://github.com/paragonie/csp-builder
  • Very easy to use
  • Another solid choice
  • Can inject headers into the response object
  • Seems to have a bit more a understanding API

From either of these libraries we would then need to build an extender around them, I'm thinking that it might be best to do this using containers, arrays that can be modified, and the second library. I think this would work very similarly to the way that Middleware works, just instead of modifying one array, we'll be modifying multiple arrays as needed.

[JoshyPHP]

Ping me if work on this is restarted and you have questions about the live preview.