[v8.3.x] Sync security changes (#45067)

* "Release: Updated versions in package to 8.3.5"

* [v8.3.x] Fix for CVE-2022-21702 (#225)

Fix for CVE-2022-21702

* Update yarn.lock for 8.3.5

* resolve conflicts

(cherry picked from commit bb38cfcba4b4f824060ff385d858c63f50b72d74)

* csrf checks for v8.3.5 (#234)

* Fix lint

* Cherry pick e2e test server changes

Co-authored-by: Marcus Efraimsson <marcus.efraimsson@gmail.com>
Co-authored-by: Kevin Minehart <kmineh0151@gmail.com>
Co-authored-by: Serge Zaitsev <serge.zaitsev@grafana.com>

pkg/api/pluginproxy/ds_proxy.go

@@ -54,6 +54,7 @@ func (t *handleResponseTransport) RoundTrip(req *http.Request) (*http.Response,
 		return nil, err
 	}
 	res.Header.Del("Set-Cookie")
+	proxyutil.SetProxyResponseHeaders(res.Header)
 	return res, nil
 }