feat(network-proxy): structured policy signaling and attempt correlation to core (#11662)

## Summary
When network requests were blocked, downstream code often had to infer
ask vs deny from free-form response text. That was brittle and led to
incorrect approval behavior.
This PR fixes the proxy side so blocked decisions are structured and
request metadata survives reliably.

## Description
- Blocked proxy responses now carry consistent structured policy
decision data.
- Request attempt metadata is preserved across proxy env paths
(including ALL_PROXY flows).
- Header stripping was tightened so we still remove unsafe forwarding
headers, but keep metadata needed for policy handling.
- Block messages were clarified (for example, allowlist miss vs explicit
deny).
- Added unified violation log entries so policy failures can be
inspected in one place.
- Added/updated tests for these behaviors.

---------

Co-authored-by: Codex <199175422+chatgpt-codex-connector[bot]@users.noreply.github.com>

codex-rs/network-proxy/src/admin.rs

@@ -89,7 +89,7 @@ async fn handle_admin_request(
                 text_response(StatusCode::INTERNAL_SERVER_ERROR, "error")
             }
         },
-        ("GET", "/blocked") => match state.drain_blocked().await {
+        ("GET", "/blocked") => match state.blocked_snapshot().await {
             Ok(blocked) => json_response(&BlockedResponse { blocked }),
             Err(err) => {
                 error!("failed to read blocked queue: {err}");