cmu-delphi / delphi-epidata

An open API for epidemiological data.
https://cmu-delphi.github.io/delphi-epidata/
MIT License

Log HTTP referer and origin #1429

Closed rzats closed 1 month ago

rzats commented 2 months ago

Related: #1386.

Summary:

Logs the HTTP Referer (or referrer) header as req_referrer and Origin header as req_origin, helping us track where requests come from. The easiest way to test this is via Postman:

[Screenshot: Postman request, 2024-05-09 at 14:53:50]

This generates the following log string:

```json
{"method": "GET", "url": "http://localhost:10080/epidata/signal_dashboard_status/", "form_args": {}, "req_length": null, "remote_addr": "172.18.0.1", "real_remote_addr": "172.18.0.1", "user_agent": "PostmanRuntime/7.30.1", "api_key": null, "user_id": "None", "req_referrer": "https://test.com/test", "event": "Received API request", "logger": "server_api", "level": "info", "pid": 8, "timestamp": "2024-05-09T11:28:19.206454Z"}
```

i.e. the new field: `{ ... "req_referrer": "https://test.com/test" ... }`

An automated version of this test has also been included. If no referrer is present, the HTTP Origin is used instead.

As mentioned in #1386, we might also need to modify the referrer policy across our webapps in order to properly set the relevant fields. The default referrer policy is:

Send the origin, path, and querystring when performing a same-origin request. For cross-origin requests send the origin (only) when the protocol security level stays same (HTTPS→HTTPS). Don't send the [Referer](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referer) header to less secure destinations (HTTPS→HTTP).

Since the API endpoint is HTTPS, for some webapps these headers are likely to be already set out of the box, but further testing will still be necessary.

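Added example, not code from this PR or from delphi-epidata: it shows the two things the description above relies on. `request_referrer` picks the value to log as `req_referrer` (Referer first, Origin as the fallback) and treats it as untrusted client input, stripping control characters and capping its length so a crafted header cannot forge extra log lines or fields; `referer_under_default_policy` simulates what a browser puts in Referer under the default `strict-origin-when-cross-origin` policy quoted above, which is the check to run before deciding whether a webapp's referrer policy needs changing. Headers are modelled as a plain dict rather than a Flask request object, the 512-byte cap and the `*.example`/localhost URLs are constructed for illustration, and the same-origin branch ignores the userinfo stripping browsers also perform.

```python
"""Referrer/origin extraction for API request logs, plus a simulation of
the browser's default Referrer-Policy.  Example code, not the
delphi-epidata server's own implementation; headers are a plain dict."""

from typing import Mapping, Optional
from urllib.parse import urlsplit, urlunsplit

# Referer and Origin are client-controlled; bound what reaches the log line.
# The 512-byte cap is an assumption for this example.
MAX_HEADER_LEN = 512


def _get_header(headers: Mapping[str, str], name: str) -> Optional[str]:
    """Case-insensitive lookup: HTTP header names are not case-sensitive."""
    wanted = name.lower()
    for key, value in headers.items():
        if key.lower() == wanted:
            return value
    return None


def request_referrer(headers: Mapping[str, str]) -> Optional[str]:
    """Value to log as req_referrer: Referer if present and non-empty,
    otherwise Origin, otherwise None.  The value is stripped, cleared of
    non-printable characters (CR/LF would let a client forge extra log
    lines or JSON fields) and length-capped before it reaches the log."""
    for name in ("Referer", "Origin"):
        value = _get_header(headers, name)
        if value is None or not value.strip():
            continue
        cleaned = "".join(ch for ch in value.strip() if ch.isprintable())
        return cleaned[:MAX_HEADER_LEN]
    return None


def _origin(url: str) -> str:
    """scheme://host[:port], with the scheme's default port dropped."""
    p = urlsplit(url)
    default_port = {"http": 80, "https": 443}.get(p.scheme)
    host = p.hostname or ""
    if p.port is None or p.port == default_port:
        return f"{p.scheme}://{host}"
    return f"{p.scheme}://{host}:{p.port}"


def referer_under_default_policy(page_url: str, request_url: str) -> Optional[str]:
    """What a browser sends as Referer for a request from page_url to
    request_url under strict-origin-when-cross-origin:
      * HTTPS page -> HTTP request: nothing (downgrade);
      * same origin: the full URL minus the fragment;
      * cross-origin at the same security level: the origin only."""
    page, target = urlsplit(page_url), urlsplit(request_url)
    if page.scheme == "https" and target.scheme != "https":
        return None
    if _origin(page_url) == _origin(request_url):
        return urlunsplit((page.scheme, page.netloc, page.path or "/", page.query, ""))
    return _origin(page_url) + "/"


if __name__ == "__main__":
    # Constructed headers mirroring the Postman test in the PR description.
    print(request_referrer({"User-Agent": "PostmanRuntime/7.30.1",
                            "Referer": "https://test.com/test"}))
    # Constructed URLs: a dashboard on one origin calling the API on another.
    print(referer_under_default_policy("https://app.example/dash?x=1#top",
                                       "https://api.example/epidata/"))
```

The simulation is why the description's "likely to be already set out of the box" holds only for HTTPS webapps: for a cross-origin HTTPS page the API log will carry the page's origin (not its path or query), and for a page served over HTTPS calling an HTTP API, or a local HTTP dev server talking to a different port, the fields differ as shown by the branches above.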

sonarcloud[bot] commented 1 month ago

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud