feat: proxy flag for additional cors headers

[afreakk]

When using non standard headers in proxy requests, it results in error like

Preflight aborted: headers 'traceparent' not allowed

With this change you can specify additional headers to allow.

Related Issue or Design Document

#261

Checklist

• I have read the contributing guidelines
  and signed the CLA.
• I have referenced an issue containing the design document if my change
  introduces a new feature.
• I have read the security policy.
• I confirm that this pull request does not address a security
  vulnerability. If this pull request addresses a security vulnerability, I
  confirm that I got approval (please contact
  security@ory.sh) from the maintainers to push
  the changes.
• I have added tests that prove my fix is effective or that my feature
  works.
• I have added the necessary documentation within the code base (if
  appropriate).

Further comments

[zepatrik]

LGTM 👍
Tests should pass now with the upstream changes.
I assume that you tested the feature already locally? As it is not critical, but rather "nice-to-have", I'm fine not having any unit tests for this.

[zepatrik]

Ah the other tests are failing because the secret is not available on your branch.