Detect cross-origin visit request attempts

[jayohms]

The core turbo.js library does not permit cross-origin visit requests (i.e. a link that redirects to an external domain). These requests call the adapter method visitRequestFailedWithStatusCode(visit, statusCode) for all platforms.

To handle this in the browser adapter, non-HTTP status code failures update the window.location so the browser can handle the top-level redirect. The browser adapter does not actually know whether a cross-origin redirect was attempted, since the CORS policy restricts requests to the same-origin, but updating the window.location directly bypasses needing this knowledge.

The mobile adapters, however, can't just update the window.location — a new visit needs to be proposed so the native app can decide how to handle the external url request. This PR finds any potential cross-origin redirect locations when a visit request fails with a non-HTTP status code and proposes the external redirect location as a new visit.

Fixes https://github.com/hotwired/turbo-android/issues/320

[hjhart]

I made a note in the corresponding issue here, but I've tested this locally and it works great. Thanks @jayohms!

[jayohms]

Perfect, I'll work on the corresponding turbo-ios version and can ship new releases soon.