Fix: HEAD requests to the oidc endpoint crashes the app #2241

Merged
merged 1 commit into from
Jun 24, 2024


andrewbrazzatti
Contributor

Some applications (e.g. Teams and Outlook) will make a HEAD request to generate a preview for links. Because links are often to records which require authorization, a redirect occurs which causes the application to crash. This fix adds a policy that returns a 400 Bad Request to prevent this from occurring.

…when a head request is made to the begin_oidc endpoint as the OIDC library errors when a head request is made
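
An added example, not the project's own code: a minimal Connect/Sails-style policy of the kind the description above outlines, rejecting HEAD with a 400 before the login handler can issue its redirect. The names `disallowHeadRequests`, `beginOidcStub` and `simulate`, the request path and the redirect URL are assumptions constructed for illustration.

```javascript
// Added illustration; all names here are hypothetical and are not taken from
// the project's api/policies/disallowedHeadRequestHandler.js.

// Policy with the usual (req, res, next) shape.
function disallowHeadRequests(req, res, next) {
  if (String(req.method).toUpperCase() === 'HEAD') {
    // Answer before any redirect or OIDC logic runs; a HEAD response has no body.
    res.statusCode = 400;
    res.end();
    return;
  }
  next();
}

// Stand-in for the action that would start the OIDC redirect.
function beginOidcStub(req, res) {
  res.statusCode = 302;
  res.setHeader('Location', 'https://idp.example.invalid/authorize'); // constructed
  res.end();
}

// Runs the policy, then the stub, against constructed req/res objects and
// reports what a client would observe.
function simulate(method) {
  const result = { status: null, location: null, reachedHandler: false };
  const req = { method, url: '/begin_oidc' }; // constructed path
  const res = {
    statusCode: 200,
    headers: {},
    setHeader(name, value) { this.headers[name.toLowerCase()] = value; },
    end() {
      result.status = this.statusCode;
      result.location = this.headers.location || null;
    },
  };
  disallowHeadRequests(req, res, () => {
    result.reachedHandler = true;
    beginOidcStub(req, res);
  });
  return result;
}

for (const method of ['GET', 'HEAD', 'head']) {
  console.log(method, simulate(method));
}
```

Link-preview clients that receive the 400 simply show no preview, while a normal browser GET still reaches the login flow.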

codecov bot commented Jun 24, 2024

Codecov Report

Attention: Patch coverage is 25.00000% with 3 lines in your changes missing coverage. Please review.

Project coverage is 55.49%. Comparing base (b82dfaf) to head (b920ef8).

| Files | Patch % | Lines |
|---|---|---|
| api/policies/disallowedHeadRequestHandler.js | 25.00% | 3 Missing ⚠️ |

Additional details and impacted files
@@             Coverage Diff             @@
##           develop    #2241      +/-   ##
===========================================
- Coverage    55.51%   55.49%   -0.02%     
===========================================
  Files          173      174       +1     
  Lines         8348     8352       +4     
  Branches      1177     1177              
===========================================
+ Hits          4634     4635       +1     
- Misses        3501     3504       +3     
  Partials       213      213              

| Flag | Coverage Δ |
|---|---|
| backend-bruno | 48.18% <25.00%> (-0.02%) ⬇️ |
| backend-mocha | 52.14% <25.00%> (-0.02%) ⬇️ |
| frontend-app-config | 97.87% <ø> (ø) |
| frontend-core-lib | 52.41% <ø> (ø) |
| frontend-dashboard | 88.07% <ø> (ø) |
| frontend-export | 100.00% <ø> (ø) |
| frontend-local-auth | 100.00% <ø> (ø) |
| frontend-manage-roles | 63.33% <ø> (ø) |
| frontend-manage-users | 59.81% <ø> (ø) |
| frontend-report | 100.00% <ø> (ø) |


@andrewbrazzatti andrewbrazzatti merged commit 658d4d4 into develop Jun 24, 2024
5 of 9 checks passed