web: support HTTPS reverse proxy for API calls

[LJspice]

I'm running the web UI behind my existing reverse proxy and authentication middleware, which is configured to properly pass both the web UI and API over HTTPS and port 443. However, the topology tab fails to load due to mixed content errors, as HTTP is hardcoded, as is port 8081 for API calls.

My reference Traefik config, in case these breadcrumbs help someone else in a similar situation:

services:
  otbr:
    labels:
      traefik.enable: "true"
      # Web UI (Port 8080)
      traefik.http.routers.otbr-web.rule: "Host(`otbr.${DOMAIN_NAME}`)"
      traefik.http.routers.otbr-web.middlewares: "authelia@file"
      traefik.http.routers.otbr-web.service: "otbr-web"
      traefik.http.services.otbr-web.loadbalancer.server.url: "http://host.docker.internal:8080"
      # REST API (port 8081)
      traefik.http.routers.otbr-api.rule: "Host(`otbr.${DOMAIN_NAME}`) && PathPrefix(`/api`)"
      traefik.http.routers.otbr-api.middlewares: "authelia@file, otbr-api-strip"
      traefik.http.routers.otbr-api.service: "otbr-api"
      traefik.http.services.otbr-api.loadbalancer.server.url: "http://host.docker.internal:8081"
      # Strip headers as OTBR returns 400 with too many headers or invalid characters in headers
      traefik.http.middlewares.otbr-api-strip.headers.customRequestHeaders.Cookie: ""
      traefik.http.middlewares.otbr-api-strip.headers.customRequestHeaders.Remote-User: ""
      traefik.http.middlewares.otbr-api-strip.headers.customRequestHeaders.Remote-Groups: ""
      traefik.http.middlewares.otbr-api-strip.headers.customRequestHeaders.Remote-Email: ""
      traefik.http.middlewares.otbr-api-strip.headers.customRequestHeaders.Remote-Name: ""

---

This commit updates the Web UI to support being served over HTTPS via a reverse proxy.

• Replaces hardcoded 'http://' with 'window.location.protocol' for all REST API calls.
• Modifies formatRestAddr() to conditionally omit the '8081' port when the page is accessed via HTTPS, allowing the proxy's port mapping to handle the request.

These changes ensure the Web UI remains functional when TLS is terminated at a reverse proxy, while maintaining backward compatibility for standard HTTP deployments.

Test results:

[gemini-code-assist]

Code Review

This pull request updates the frontend application to dynamically use the current window location protocol (HTTP or HTTPS) instead of hardcoding 'http://' for API requests. It also updates 'formatRestAddr' to omit port '8081' when HTTPS is used. Feedback was provided to ensure that IPv6 address literals are still correctly enclosed in square brackets when the port is omitted under HTTPS, preventing malformed URIs.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 33.75%. Comparing base (2b41187) to head (a8210f2).
⚠️ Report is 1542 commits behind head on main.

Additional details and impacted files

@@             Coverage Diff             @@
##             main    #3432       +/-   ##
===========================================
- Coverage   55.77%   33.75%   -22.02%     
===========================================
  Files          87      143       +56     
  Lines        6890    17246    +10356     
  Branches        0     1413     +1413     
===========================================
+ Hits         3843     5822     +1979     
- Misses       3047    11117     +8070     
- Partials        0      307      +307     

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.