#yada
2017-06-14
bradford 03:06:57

Hi! I have an issue: I'm not able to disable x-content-type-options and x-xss-options in the model:

(defn service
  [config]
  [""
   [["/about" (as-resource "Hello World")]
    ["/register" (yada/resource {:access-control {:allow-origin            "*"
                                                  :allow-headers           "*"
                                                  :allow-credentials       true
                                                  :allow-methods "*"}
                                 :content-security-policy ""
                                 ; :x-content-type-options "0"
                                 :x-frame-options "NONE"
                                 ; :x-xss-protection "0"
                                 :methods                 {:get {:produces "text/event-stream"
                                                                 :response yada-sse}}})]]])

bradford 03:06:03

OK, it's a document bug. You need to set 'xss-protection', no x.

bradford 03:06:20

However, it doesn't look like you can un-set 'x-content-type-options'?

lmergen 14:06:32

when yada catches an exception of any kind (e.g. 404, 500), it appears that it completely resets the ctx here: https://github.com/juxt/yada/blob/master/src/yada/handler.clj#L134 this means that any additional data that interceptors added to the ctx gets lost. is there any way to get around this for just a single interceptor? i'm trying to measure latency between start and end of the whole request, and i'm storing the start time in the ctx... this gets lost this way

lmergen 14:06:16

another option for me would be to generate an error-deferred manually, and attach the :ctx there, but that doesn't seem to be possible (although very easy to implement)