fix: verify link in public link notification ocs api

[DeepDiver1975]

Description

The frontend is generating the url to the public link share and submitting it to the server via the ocs share api.

Via the pure usage of this api any url can be sent out to any email address - as long as being logged in (aka have creds at hand)

This change validates that the url is pointing to one of the configured trusted domains to add some hardening.

How Has This Been Tested?

• ✋
• 🤖

Screenshots (if appropriate):

Types of changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Database schema changes (next release will require increase of minor version instead of patch)
• Breaking change (fix or feature that would cause existing functionality to change)
• Technical debt
• Tests only (no source changes)

Checklist:

• Code changes
• Unit tests added
• Acceptance tests added
• Documentation ticket raised:
• Changelog item, see TEMPLATE

[update-docs]

Thanks for opening this pull request! The maintainers of this repository would appreciate it if you would create a changelog item based on your changes.

[sonarqubecloud]

Quality Gate passed

Issues
1 New issue
0 Accepted issues

Measures
0 Security Hotspots
100.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud