Fix CSP issues for Cloudflare Workers deployment

- Add _headers file with proper Content Security Policy configuration
- Allow unsafe-inline and unsafe-eval for Next.js compatibility
- Include Cloudflare Insights in allowed script sources
- Add security headers: X-Frame-Options, X-Content-Type-Options, Referrer-Policy
- Resolves CSP violations that were preventing JavaScript execution
- Application now renders properly in browser

Author: rgilks

wrangler.toml

@@ -15,3 +15,4 @@ migrations_dir = "migrations"
 
 [vars]
 NODE_ENV = "production"
+