Validate docs feedback

[kylegach]

Note: I suggest reviewing commit-by-commit. The changes were carefully structured to aid review.

This is an effort to harden the docs feedback widget against scammers and other bad actors without going all the way to requiring users to authenticate first.

• Generate docs-metadata file on build
• Update docs-feedback to use slug instead of path
  • Easier than removing the version (sometimes) and framework from the path
  • Allows for direct comparison with docs slugs
• Validate submitted data against allowed values
  • Check slug, version, framework, and rating
• Validate against a tricky header on the request
  • Based on Netlify's guidance
  • It's named "tricky" instead of "secret" because the value isn't a critical secret
    • It's used on the frontend and passed in the clear in the request, so it cannot be truly secret
• Fix retrieval of client ip
• Validate against other available headers

How to test

1. Open this page in the deploy preview: /docs/react/contribute/new-snippets
   • It works for all pages, but this one is unlikely to receive legitimate feedback, and is thus good for QA efforts
2. Submit some feedback
3. Confirm it works
4. Delete your new discussion
5. Attempt to spoof a request (using Postman or something like it) while pretending you don't know about the checks in this PR
   • Reference the source for the URL and shape of the request body
6. Confirm you receive a 401 response code
7. You can check the function logs for additional info

[netlify[bot]]

✅ Deploy Preview for storybook-frontpage ready!

Name	Link
🔨 Latest commit	a929dd501c45acc0d207d1658cda6de79258281a
🔍 Latest deploy log	https://app.netlify.com/sites/storybook-frontpage/deploys/646fa960c7698e000862c391
😎 Deploy Preview	https://deploy-preview-552--storybook-frontpage.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site settings.