
Add PROXY_SERVER_ALLOWED_DB_ORIGINS to restrict proxy forwarding targets#1794

Open
kmcginnes wants to merge 2 commits into main from proxy-server-allowed-db-origins

Conversation

@kmcginnes
Collaborator

@kmcginnes kmcginnes commented May 29, 2026

Description

Adds an optional PROXY_SERVER_ALLOWED_DB_ORIGINS env var that restricts which database origins the proxy server will forward requests to. When set (comma-separated origins like https://neptune:8182), the proxy rejects requests targeting unlisted origins with a 403. When unset, behavior is unchanged (fully permissive).

Also:

  • Introduces HttpError base class with optional details for structured error responses
  • Makes RequestValidationError extend HttpError (status 400, includes zodError in response)
  • Simplifies error handler — removes duck-typed getStatusFromError helper and the ...error spread
  • Disables HTTP redirects on all outbound fetch calls (redirect: "error")
  • Documents the new env var in docs/references/configuration.md and docs/references/security.md

Reading order: errors.ts → error-handler.ts → env.ts → allowed-db-origins.ts → app.ts (wiring) → docs

Validation

  • 224 tests pass across 12 test files in the proxy-server package
  • pnpm checks passes (lint, format, typecheck)
  • New unit tests for: HttpError hierarchy, env var parsing (valid/invalid/edge cases), assertAllowedDbOrigin function (case normalization, port normalization, scheme enforcement, empty set rejection)
  • New integration tests for: 403 enforcement across all 6 database routes, redirect disabled, no fetch call on rejection

Related Issues

Check List

  • I confirm that my contribution is made under the terms of the Apache 2.0 license.
  • I have verified pnpm checks passes with no errors.
  • I have verified pnpm test passes with no failures.
  • I have covered new added functionality with unit tests if necessary.
  • I have updated documentation if necessary.
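
The allowlist semantics the description lists (comma-separated origins, case and port normalization, scheme enforcement, empty-set rejection, 403 on a miss, unchanged behaviour when unset), as an added TypeScript example that is not the PR's own code; the HttpError shape and the function names are assumptions modelled on the description.

```typescript
// Added example, not the PR's code: allowlist of database origins parsed from
// PROXY_SERVER_ALLOWED_DB_ORIGINS. HttpError's shape and names are assumptions.

const ALLOWED_SCHEMES = new Set(["http:", "https:"]);

// Stand-in for the PR's HttpError base class: status plus optional details.
class HttpError extends Error {
  readonly status: number;
  readonly details?: unknown;
  constructor(status: number, message: string, details?: unknown) {
    super(message);
    this.status = status;
    this.details = details;
  }
}

// Canonical "scheme://host[:port]": the WHATWG URL parser lowercases scheme and
// host and drops default ports, so "HTTPS://Neptune:443/" becomes "https://neptune".
function normalizeOrigin(raw: string): string {
  const url = new URL(raw.trim()); // throws TypeError on unparsable input
  if (!ALLOWED_SCHEMES.has(url.protocol)) {
    throw new Error(`unsupported scheme in origin: ${raw}`);
  }
  return url.origin;
}

// Parse the comma-separated env var. undefined means the var is unset, which
// keeps the fully permissive behaviour; an empty string yields an empty set.
function parseAllowedDbOrigins(envValue: string | undefined): Set<string> | undefined {
  if (envValue === undefined) return undefined;
  const entries = envValue.split(",").map((s) => s.trim()).filter((s) => s !== "");
  return new Set(entries.map(normalizeOrigin));
}

// Reject with 403 unless the target's normalized origin is in the allowlist.
// An empty allowlist therefore rejects every target. Returns targetUrl when allowed.
function assertAllowedDbOrigin(allowed: Set<string> | undefined, targetUrl: string): string {
  if (allowed === undefined) return targetUrl;
  let origin: string | undefined;
  try {
    origin = normalizeOrigin(targetUrl);
  } catch {
    origin = undefined; // unparsable or wrong scheme: treat as not allowed
  }
  if (origin === undefined || !allowed.has(origin)) {
    throw new HttpError(403, "Database origin is not allowed", { origin: targetUrl });
  }
  return targetUrl;
}
```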

Introduces an optional allowlist for database origins the proxy server
will forward to, mitigating SSRF risk. Also refactors error handling
with an HttpError base class and disables HTTP redirects on outbound
requests.
@kmcginnes kmcginnes marked this pull request as ready for review May 29, 2026 19:05
@kmcginnes kmcginnes force-pushed the proxy-server-allowed-db-origins branch from 3d31717 to 568fd0a May 29, 2026 21:13

Development

Successfully merging this pull request may close these issues.

Add PROXY_SERVER_ALLOWED_DB_ORIGINS to restrict database URLs the proxy will forward to