One technical problem with doing this on the header level is that SPAs will fetch content gradually with multiple requests, so the browser _and_ said applications would need to account for filtered content being fetched halfway through the page load.
A more cynical take is that policymakers either actively want or are OK with mandating digital ID-based authentication in service of age controls, so any kind of privacy-preserving age controls will be either treated as horribly onerous or a safety risk when someone figures out how they can be circumvented.
This is more or less what the RTA meta tag is meant to achieve: https://www.rtalabel.org/page.php?content=howto
One technical problem with doing this on the header level is that SPAs will fetch content gradually with multiple requests, so the browser _and_ said applications would need to account for filtered content being fetched halfway through the page load.
A more cynical take is that policymakers either actively want or are OK with mandating digital ID-based authentication in service of age controls, so any kind of privacy-preserving age controls will be either treated as horribly onerous or a safety risk when someone figures out how they can be circumvented.