fix: connect React Native CDP targets

[thymikee]

End-user impact

React Native targets exposed through Metro can now be selected by agent-cdp without failing the WebSocket handshake with HTTP 401. This unlocks the existing JS heap usage, heap snapshot, allocation, and leak-triplet workflows for RN/Hermes targets that implement those CDP methods.

Users can continue the normal flow:

agent-cdp target list --url http://127.0.0.1:8081
agent-cdp target select <target-id>
agent-cdp memory usage sample --gc
agent-cdp memory snapshot capture --name baseline --gc

Compatibility

Chrome and Node targets keep the existing WebSocket behavior. Only React Native target descriptors receive an Origin header, derived from the discovery URL origin.

Existing commands, output formats, daemon state, snapshot artifacts, and saved analysis workflows are unchanged. The docs now call out that React Native/Hermes may expose only a subset of browser CDP and should use heap usage/snapshot workflows when browser-only domains are unsupported.

Risks

The main risk is target-specific: some non-Metro React Native-compatible endpoints might validate Origin differently. The fallback still derives an origin from the WebSocket URL if the discovery source URL is malformed.

Manual testing

Setup used during investigation:

• Expo SDK 56 test app running in Expo Go 56.0.3 on iOS simulator
• Metro on http://127.0.0.1:8081

Observed before this fix: agent-cdp target select <react-native-target> failed with Unexpected server response: 401.

Validation performed:

• pnpm --filter agent-cdp exec vitest run src/__tests__/transport.test.ts
• pnpm --filter agent-cdp typecheck
• pnpm --filter agent-cdp format
• pnpm --filter agent-cdp lint
• pnpm --filter agent-cdp build
• With a temporary local transport patch, target select succeeded against Expo Go 56 and memory commands captured JS heap usage, heap snapshots, snapshot diffs, leak-triplet output, retainers, and allocation hotspots.