Better domain handling of extensions (for VM and development)

[gsteinLTU]

Snap--Build-Your-Own-Blocks/src/gui.js

Line 3896 in b960840

const trustedSources = [ '/', window.location.origin, 'https://extensions.netsblox.org'];

The current check works for extensions hosted on the official repository or window.location.origin, but that doesn't allow e.g. a user on localhost to have the extension hosted on a different port than their NetsBlox server. The VM extension @dragazo is working on currently has to host its own extension file and presents a warning. This occurs when running on localhost as well, as window.location.origin will be something like http://localhost:8080/ and the VM server hosting the extension file will have a different port.

It seems like dropping the port (and protocol?) for the check when on localhost should solve this.
@brollb, do you think this should apply to all domains? Localhost seems pretty safe (you're already running a server on your computer, browsing to it is unlikely to be any more risky), and I'm not sure if it would ever come up for anything else.