prompt user on non-whitelisted hosts

Maintaining a whitelist in the binary does not scale and might put off
third party devs.

For a host that is not in the whitelist, we instead prompt the user if
they want to accept the connection.

Since we already run a server, we simply launch the browser on
confirmation page served by our server. It is a bit weird UX, but it
was the easiest solution I could find that works everywhere.

Alternatives considered:
- native dialogs using rfd - unfortunately does not work on macOS as
  the main process is windowless
- native dialogs using SDL: looks extremely ugly, hard to figure out deployment
- use Rust's Tauri or Qt or similar for native UIs: hard to deploy

Author: benma

Cargo.lock

@@ -7,6 +7,7 @@ edition = "2021"
 license = "Apache-2.0"
 
 [dependencies]
+webbrowser = "1.0"
 env_logger = "0.11"
 futures =  { workspace = true }
 futures-util = { workspace = true }

bitbox-bridge/Cargo.toml

@@ -0,0 +1,20 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <title>BitBoxBridge</title>
+</head>
+<body>
+    <h1>BitBoxBridge</h1>
+    <p>{{ message }}</p>
+    <button onclick="sendResponse(false)">Reject</button>
+    <button onclick="sendResponse(true)">Accept</button>
+    <script>
+        function sendResponse(userChoice) {
+            fetch(`/confirm/response/{{ counter }}/${userChoice}`, { method: 'POST' })
+                .then(() => window.close())
+                .catch(err => console.error('Error sending response:', err));
+        }
+    </script>
+</body>
+</html>