Prepare for ArkoseLabs custom domain

This makes our codebase ready for enabling ArkoseLabs' custom domain:

• 15a0dd22 makes Content Security Policies a bit more forgiving by allowing any arkoselab.com subdomain for script inclusion and framing. This will let us include from gitlab-api.arkoselabs.com instead of client-api.arkoselabs.com when we transition to the new domain. It will also make it possible for customers to use their own custom domain if we make this available to self-hosted instances.
• eda0c9eb makes the ArkoseLabs namespace configurable so that we can configure where the client-side requests are going. The namespace is used to construct URLs such as https://<namespace>-api.arkoselabs.com/ and defaults to client.
• 88a4f691 changes the verification service to leverage the new arkose_labs_namespace application setting. Previously, this service relied on its own arkose_labs_verify_api_url, but the client and the server implementations can be unified to leverage the common arkose_labs_namespace setting. We will likely need to remove the arkose_labs_verify_api_url column in a follow-up.
• 8d2e26ef ensures that verification requests are made over HTTPS.

Related to #359912