fix: only mark custom endpoints as HTTPS-compatible when URL scheme is actually HTTPS

Custom endpoints from T3CODE_DESKTOP_HTTPS_ENDPOINTS were unconditionally
marked with hostedHttpsCompatibility: 'compatible', bypassing the automatic
classifyHostedHttpsCompatibility check. If a user mistakenly supplies an
http:// URL, the endpoint would be incorrectly marked as compatible with the
hosted HTTPS app.

Now we check the URL protocol first and only override with 'compatible' for
actual https: URLs. For http: URLs, the field is omitted, letting the
auto-classifier in createAdvertisedEndpoint correctly return
'mixed-content-blocked'.

Author: cursoragent

apps/desktop/src/serverExposure.ts

@@ -156,13 +156,14 @@ export function resolveDesktopCoreAdvertisedEndpoints(
   }
 
   for (const customEndpointUrl of input.customHttpsEndpointUrls ?? []) {
+    const isHttps = new URL(customEndpointUrl).protocol === "https:";
     endpoints.push(
       createManualEndpoint({
         id: `manual:${customEndpointUrl}`,
         label: "Custom HTTPS",
         httpBaseUrl: customEndpointUrl,
         reachability: "public",
-        hostedHttpsCompatibility: "compatible",
+        ...(isHttps ? { hostedHttpsCompatibility: "compatible" as const } : {}),
         status: "unknown",
         description: "User-configured HTTPS endpoint for this desktop backend.",
       }),