ZCU-PUB/filter config.json before exposing it

[jr-rk]

Phases	MP	MM	MB	MR	JM	Total
ETA	0	0	0	0	0	0
Developing	0	0	0	0	0	0
Review	0	0	0	0	0	0
Total	-	-	-	-	-	0
ETA est.						0
ETA cust.	-	-	-	-	-	0

Problem description

Eliminating the security risk of exposing sensitive server-side configuration data to the frontend, by filtering the config object to only include client-necessary settings before writing to config.json.
based on #1059

[jr-rk]

@milanmajchrak I have removed these lines, because they are missing in AppConfig (app-config.interface.ts)

liveRegion: appConfig.liveRegion,
search: appConfig.search,
accessibility: appConfig.accessibility,
// Matomo analytics - only expose client-side tracking properties
...(appConfig.matomo && {
    matomo: {
        hostUrl: appConfig.matomo.hostUrl,
        siteId: appConfig.matomo.siteId,
        dimensionId: appConfig.matomo.dimensionId,
    },
}),

[Copilot]

Pull Request Overview

This PR introduces config sanitization to prevent exposing sensitive server-side configuration to the frontend. Instead of writing the complete appConfig to the destination file, it now creates a publicConfig object that includes only client-side relevant settings.

• Creates a sanitized public config object that excludes server-side sensitive data
• Filters out cache, actuators, and server connection details (host, port, SSL settings)
• Retains only frontend-needed properties like API endpoints, auth timeouts, and feature configurations

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[jr-rk]

Frontend requires cache.msToLive and cache.control settings to function
properly. Excludes server-side cache settings (serverSide, autoSync) while
including client-necessary cache configuration.

(same as on dev-5:)