Set Content-Security-Policy in Gatsby to allow loading content in Storybook

[brentswisher]

This change: (check at least one)

• Adds a new feature
• Fixes a bug
• Improves maintainability
• Improves documentation
• Is a release activity

Is this a breaking change? (check one)

• Yes
• No

Is the: (complete all)

• Title of this pull request clear, concise, and indicative of the issue number it addresses, if any?
• Test suite(s) passing?
• Code coverage maximal?
• Changeset added?
• Component status page up to date?

What does this change address?
When updating to Gatsby 5 we inadvertently broke some storybook pages. It will no longer load any content for the stories, returning a 404 with an error like Refused to display 'https://pharos.jstor.org/' in a frame because it set 'X-Frame-Options' to 'deny'.

How does this change work?
Sets the Content-Security-Policy of pharos.jstor.org to all content from any jstor page. It appears that in Gatsby 5 Netlify automatically injects it's adapter, which sets the headers to deny. (thread, documentation)

Additional context
I used this documentation to create the header value, but I'm not overly familiar with this header, so let me know if there is a better option!

[changeset-bot]

🦋 Changeset detected

Latest commit: 8d86599

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 1 package

Name	Type
@ithaka/pharos-site	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[brentswisher]

[github-actions]

size-limit report 📦

Path	Size
packages/pharos/lib/index.js	64.73 KB (0%)