Revert "♻️ refactor(middleware): remove duplicate CSP header assignment" (#20592)

web/middleware.ts

@@ -56,6 +56,11 @@ export function middleware(request: NextRequest) {
     contentSecurityPolicyHeaderValue,
   )
 
+  response.headers.set(
+    'Content-Security-Policy',
+    contentSecurityPolicyHeaderValue,
+  )
+
   return wrapResponseWithXFrameOptions(response, pathname)
 }