Improve download command

[1robie]

This pull request introduces a configurable allow-list for downloadable websites, improving security by restricting which hosts are permitted for inventory downloads. It also refactors the download logic to provide clearer error handling and user feedback, and enhances file name validation to prevent unsafe or malformed file names.

Security and Configuration Enhancements:

• Added a new configuration option allowedDownloadableWebsite in Configuration.java and the config file, defaulting to minecraft-inventory-builder.com, to specify which hosts are allowed for inventory downloads. The config is now loaded and saved accordingly. [1] [2] [3] [4]
• The download logic in ZWebsiteManager now checks if the requested host matches an entry in allowedDownloadableWebsite, rejecting downloads from unauthorized hosts.

User Feedback and Error Handling Improvements:

• Introduced a DownloadResult enum to clearly distinguish different download outcomes, enabling user-friendly error messages for cases such as unauthorized hosts, invalid file types, and file existence. [1] [2]
• Added a new message WEBSITE_DOWNLOAD_ERROR_HOST to inform users when a download is rejected due to an unapproved host, displaying both the attempted host and the allowed hosts.

File Name Validation:

• Improved logic for extracting and validating file names from the Content-Disposition header, ensuring only safe, well-formed names are used and falling back to a random name if necessary.…oad error handling

[nulledphx]

Glad to see this being addressed. This fix covers the RCE/Path Traversal issues I reported earlier in Issue #235