Add CROSS_ORIGIN_EMBEDDER_POLICY and CROSS_ORIGIN_OPENER_POLICY constants

[ssokolow]

I'm currently building a site using actix-web, which relies on the http crate for strongly-typed header constants, and I noticed that there are a couple of headers which don't yet have constants here, forcing me to resort to manually specifying them as strings.

Specifically:

• Cross-Origin-Embedder-Policy
• Cross-Origin-Opener-Policy

As these headers need to be set to enable access to browser features like SharedArrayBuffer and un-throttled performance timers, I think it'd make sense to add CROSS_ORIGIN_EMBEDDER_POLICY and CROSS_ORIGIN_OPENER_POLICY constants.

[djc]

Since these are standardized in the HTML living standard, just submit a PR.

[ssokolow]

Right now, it's hard to find time for "annoying, but not show-stopping" stuff like this, so I'll have to just put it on my TODO list.

(As in I'll add a // TODO: Pending hyperium/http#460 comment in my code and defer it until my next clean-up sweep.)

[dekellum]

Ooops, sorry, I got header constants and status code constants confused, folks. Please ignore me.

Are these now also in the IANA list? That list is the only one claimed to be completely covered here. See #453 for background (also a good template for a new PR, I hope).