Add ability to set error response headers

[epompeii]

I currently have response headers working for CORS, after looking at how Oxide does so in cio: https://github.com/bencherdev/bencher/blob/main/services/api/src/util/headers.rs
I think this may solve: #57

But there is no way to set error response headers.

The headers for a valid request look like this (happy CORS):

access-control-allow-headers | Content-Type
access-control-allow-methods | GET
access-control-allow-origin | *
content-length | 255
content-type | application/json
date | Sun, 15 Oct 2023 23:43:19 GMT
x-request-id | 46e28335-f418-4731-ae94-a73588908f63

But the headers for an error request look like this (unhappy CORS):

content-length | 133
content-type | application/json
date | Sun, 15 Oct 2023 23:43:33 GMT
x-request-id | 0c32030a-a999-4b42-9a0f-653696564e26

Internally, it looks like dropshot uses this HttpError into_response method: https://docs.rs/dropshot/latest/src/dropshot/error.rs.html#237
So it would be great to be able to add additional headers to HttpError or just have it also use the headers set for a valid request.

[davepacheco]

Yeah. See also #57. We left out error responses when we did #283. Also related are #39, #41.

[davepacheco]

I think the plan here should be what's proposed in #39.