Restrict Workshop websocket upgrades to local origins

[haasonsaas]

Summary

Workshop already blocks cross-origin HTTP access for non-ingest routes, but the /ws WebSocket upgrade path was not covered by that Express middleware. This change applies the same localhost/127.0.0.1 host and origin policy at the WebSocket handshake.

Security impact

Without a server-side WebSocket origin check, a page from another origin can initiate a browser WebSocket connection to a locally running Workshop instance. That connection can receive Workshop broadcasts such as live trace deltas, agent stream events, loadout metadata, and pending user-question prompts.

Changes

• Adds a shared local host/origin validator used by both HTTP middleware and /ws upgrade verification.
• Rejects cross-origin browser WebSocket upgrades with HTTP 403.
• Preserves same-origin localhost WebSocket upgrades and non-browser local callers without an Origin header.
• Adds a raw WebSocket handshake regression test for rejected cross-origin and accepted localhost origins.

I searched existing issues and PRs for WebSocket origin/cross-origin localhost reports and did not find a matching report or fix.

Validation

• bun test tests/server-security.test.ts
• bun test tests/
• bun x tsc --noEmit
• bun run build
• bun run lint (passes with existing warnings)

[rsd-raindrop]

This was fixed in latest release. Thank you for the contribution and great find!