Exporting getPermissionsPolicyDirectives to avoid code duplication

[kensnyder]

I'd love it if the secureHeaders middleware exported it's internal stringification functions for re-use such as getPermissionsPolicyDirectives.

My use case is running hono on Cloudflare Workers. To test my permissions policy locally, I have to use this pattern in vite.config.ts.

export default defineConfig({
  plugins: [react(), cloudflare()],
  server: {
    headers: {
      'Content-Security-Policy': cspString,
    },
  },
  preview: {
    headers: {
      'Content-Security-Policy': cspString,
    },
  },
})

Currently, my choices include:

1. Maintain a string definition and avoid hono's secureHeaders middleware and it's type checking.
2. Pass an object to hono's secureHeaders middleware and separately maintain and keep in sync an equivalent string definition.
3. Duplicate code inside hono's secure-headers.ts file and hope I don't introduce bugs.
4. Install an npm library like content-security-policy-builder from helmetjs that duplicates hono's stringification code (if it even turns out to be compatible with the secureHeaders format).
5. Use an npm library like content-security-policy-builder and write a custom hono middleware that duplicate's honos secureHeaders's 200+ lines of TS types and code.

Would anyone be interested in a PR that exports hono's stringification abilities? Is anyone even using Content-Security-Policy with hono on Cloudflare Workers?