fix: hsts header

[maghirardelli]

Issue #, if available: GALI-1190

Description of changes: Added a strict-transport-security header to enforce HSTS traffic for extra security.

Tested manually and was able to see the proper header in the response in both the UI and through Postman. Ran the entire collection of integration tests and end-to-end tests and all passed. Manually tested in both non-TRE and TRE environments.

Header in response:

Checklist:

• Have you successfully deployed to an AWS account with your changes?
• Have you written new tests for your core changes, as applicable?
• Have you successfully tested with your changes locally?

AS review ticket id:

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

[codecov]

Codecov Report

Merging #790 (24f0b17) into develop (0967129) will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff            @@
##           develop     #790   +/-   ##
========================================
  Coverage    50.46%   50.46%           
========================================
  Files          279      279           
  Lines        15152    15152           
  Branches      2404     2405    +1     
========================================
  Hits          7647     7647           
  Misses        6573     6573           
  Partials       932      932           

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 0967129...24f0b17. Read the comment docs.