Fix unsafe redirect error in cockpit controller

Add allow_other_host: true parameter to redirect_to call to address
Rails security changes that now require explicit permission for
redirects to other hosts. The redirect is already validated against
the expected hostname on line 24, making this safe.

Fixes test failures:
- test_0008_should allow redirect to valid cockpit URL
- test_0009_should allow redirect with http scheme to same hostname
- test_0010_should handle case insensitive scheme validation

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>

Author: ehelms

app/controllers/cockpit_controller.rb

@@ -24,7 +24,7 @@ def redirect
     return invalid_request unless redir_url.hostname == expected_hostname
 
     redir_url.query = "access_token=#{request.session_options[:id]}"
-    redirect_to(redir_url.to_s)
+    redirect_to(redir_url.to_s, allow_other_host: true)
   end
 
   private