feat: update strict transport security header to 2 years

[Matthew-Mallimo]

Description

The recommended value for this header is 2 years. We currently had it set to 6 months.

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security

Motivation and Context

Better security.

How Has This Been Tested?

Types of Changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• Documentation (adding or updating documentation)
• Dependency update
• Security update

Checklist:

• My change requires a change to the documentation and I have updated the documentation accordingly.
• These changes should be applied to a maintenance branch.
• This change requires cross browser checks.
• Performance tests should be ran against the server prior to merging.
• This change impacts caching for client browsers.
• This change impacts HTTP headers.
• This change adds additional environment variable requirements for One App users.
• I have added the Apache 2.0 license header to any new files created.

What is the Impact to Developers Using One App?

[github-actions]

Size Change: 0 B

Total Size: 710 kB

ℹ️ View Unchanged

Filename	Size
./build/app/app.js	164 kB
./build/app/app~vendors.js	411 kB
./build/app/runtime.js	7.07 kB
./build/app/service-worker-client.js	7.25 kB
./build/app/vendors.js	121 kB

_{compressed-size-action}