hoff-2010 fixing session-timeout

[PaolaDMadd-Pro]

What?

Session not extending when “Stay on this page” clicked (regression in v22.10.1 – GA_TAG dependency)

Why?

as per jira ticket HOFF-2010

How?

• update session-timeout-dialog.js : reinforced code of refreshing session, more robust on failure.
• update index.js to make connectSrc default to same-origin, then append GA endpoints only when GA is enabled.

Testing?

tested on sandbox and Lamp (locally)

Here’s a short PR-ready summary you can paste:

Added tests:

Added frontend Jest coverage for refreshSession in sessionDialog.test.js
New success-path test verifies $.get('') success updates timeSessionRefreshed and calls controller()
New failure-path test verifies $.get('') failure logs console.error
Added/updated CSP integration coverage in server.spec.js to confirm behaviour when gaTagId is unset:
connect-src includes 'self'.
Google analytics domains are not added to img-src/script-src (and can also be asserted absent from connect-src).
Kept existing positive CSP test for gaTagId set to assert Google directives are included.

Screenshots (optional)

Anything Else? (optional)

Check list

• I have reviewed my own pull request for linting issues (e.g. adding new lines)
• I have written tests (if relevant)
• I have created a JIRA number for my branch
• I have created a JIRA number for my commit
• I have followed the chris beams method for my commit https://cbea.ms/git-commit/
  here is an example commit
• Ensure workflow jobs are passing especially tests
• I will squash the commits before merging

[Rhodine-orleans-lindsay]

@PaolaDMadd-Pro I've left some comments and there all also seems to be some failing tests due to syntax issues.

[Rhodine-orleans-lindsay]

just a few minor changes suggested

[Rhodine-orleans-lindsay]

good work @PaolaDMadd-Pro - fyi, there is a small typo in the changelog, that I have highlighted in a comment.