Response headers duplicate when using the add_header nginx config

Open nickelswitte opened this issue 2 years ago • 4 comments

Checklist

  • Have you pulled and found the error with jc21/nginx-proxy-manager:latest docker image?
    • Yes
  • Are you sure you're not using someone else's docker image?
    • Yes
  • Have you searched for similar issues (both open and closed)?
    • Yes

Describe the bug

When adding headers to the response via the advanced custom nginx configuration, the headers are duplicated in the response, rather than overwritten or appended, resulting in unusual behaviour.

Nginx Proxy Manager Version

2.10.2

To Reproduce

Steps to reproduce the behavior:

  1. Set the following inside the custom nginx config, as found in this issue #1183
location / {
  # Force SSL
  include conf.d/include/force-ssl.conf;
  # HSTS (ngx_http_headers_module is required) (63072000 seconds = 2 years)
  add_header Strict-Transport-Security "max-age=63072000;includeSubDomains; preload" always;
  add_header X-Frame-Options "ALLOW-FROM my.domain.tld";
  add_header Content-Security-Policy "frame-ancestors my.domain.tld";
  # Proxy!
  include conf.d/include/proxy.conf;
}
  2. Load the page and inspect the response in the browser:
HTTP/2 200 OK
server: openresty
date: Sun, 07 May 2023 10:32:39 GMT
content-type: text/html
content-encoding: gzip
x-frame-options: sameorigin #DUPLICATE
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self' data:; connect-src 'self'; manifest-src 'self'; media-src 'self' blob:; child-src 'self' blob:; frame-src 'self'; frame-ancestors 'none' #DUPLICATE
referrer-policy: same-origin
permissions-policy: interest-cohort=()
x-frame-options: ALLOW-FROM my.domain.tld #DUPLICATE
content-security-policy: frame-ancestors my.domain.tld #DUPLICATE
X-Firefox-Spdy: h2

Expected behavior

That the header will be appended or replaced, or rather generally, that the browser will accept the duplicate header in some way.

nickelswitte, May 07 '23 11:05

Issue is now considered stale. If you want to keep it open, please comment :+1:

github-actions[bot], Jan 20 '24 01:01

I am still interested in a response on this.

nickelswitte, Feb 23 '24 12:02

I got this working finally in NPM

The magic is proxy_hide_header X-Frame-Options;

I added that to the top with the other headers, and nothing in the advanced tab, just in the location > advanced tab.

dhruvb14, Oct 26 '24 16:10
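
An added example, not part of the issue thread or the project's code: a Python check over a constructed copy of the response from the report. It lists headers that arrive with conflicting values, shows why the added `frame-ancestors` value does not take effect (browsers enforce every Content-Security-Policy header they receive), and builds `proxy_hide_header` directives of the kind the comment above uses. It assumes the first copy of each header comes from the proxied upstream; `audit`, `parse_headers` and `frame_ancestors` are names chosen for this example.

```python
import re
from collections import defaultdict

# Constructed sample: the duplicated lines from the response in the report,
# trimmed, with the reporter's "#DUPLICATE" annotations left in place.
SAMPLE = """\
HTTP/2 200 OK
server: openresty
x-frame-options: sameorigin #DUPLICATE
content-security-policy: default-src 'none'; frame-src 'self'; frame-ancestors 'none' #DUPLICATE
referrer-policy: same-origin
x-frame-options: ALLOW-FROM my.domain.tld #DUPLICATE
content-security-policy: frame-ancestors my.domain.tld #DUPLICATE
"""

def parse_headers(raw):
    """Group header values by lower-cased name, preserving arrival order."""
    grouped = defaultdict(list)
    for line in raw.splitlines()[1:]:          # skip the status line
        name, sep, value = line.partition(":")
        if sep:
            value = re.sub(r"\s+#DUPLICATE$", "", value.strip())
            grouped[name.strip().lower()].append(value)
    return grouped

def frame_ancestors(policy):
    """Return the frame-ancestors source list of one CSP, or None if absent."""
    for directive in policy.split(";"):
        parts = directive.split()
        if parts and parts[0].lower() == "frame-ancestors":
            return parts[1:]
    return None

def audit(raw):
    headers = parse_headers(raw)
    dupes = sorted(n for n, v in headers.items() if len(set(v)) > 1)
    lists = [fa for p in headers.get("content-security-policy", [])
             if (fa := frame_ancestors(p)) is not None]
    return {
        "conflicting": dupes,
        # Every CSP header is enforced, so one 'none' (or empty) list blocks framing.
        "framing_blocked": any(fa in ([], ["'none'"]) for fa in lists),
        # Assumption: the first copy is the upstream's, so hide it at the proxy.
        "hide_directives": ["proxy_hide_header %s;" %
                            "-".join(w.capitalize() for w in n.split("-"))
                            for n in dupes],
    }

if __name__ == "__main__":
    for key, value in audit(SAMPLE).items():
        print(key, "=", value)
```

Hiding the upstream Content-Security-Policy drops all of its directives, so the replacement `add_header` should restate the full policy with only `frame-ancestors` changed.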

Issue is now considered stale. If you want to keep it open, please comment :+1:

github-actions[bot], Jun 09 '25 02:06