feat(security): add support for Permissions-Policy

To use, set Params.security.permissions.policy

wowchemy/layouts/index.headers

@@ -1,5 +1,6 @@
 {{- $csp_policy := site.Params.security.csp.policy | default "" -}}
 {{- $csp_report_only := site.Params.security.csp.report_only | default false -}}
+{{- $permissions_policy := site.Params.security.permissions.policy | default "" -}}
 # Netlify headers
 # Automatically generated
 # Documentation: http://bit.ly/netlify-deployment
@@ -9,6 +10,7 @@
   X-Content-Type-Options: nosniff
   Strict-Transport-Security: max-age=31536000; includeSubDomains
   {{with $csp_policy}}Content-Security-Policy{{if $csp_report_only}}-Report-Only{{end}}: {{.}}{{end}}
+  {{with $permissions_policy}}Permissions-Policy: {{.}}{{end}}
 /index.webmanifest
   Content-Type: application/manifest+json
 /index.xml