
fix: 5995 gate GitBook widget on HTTPS #5997

Open
Pyatakov wants to merge 1 commit into develop from fix/gitbook-widget-http-csp-error


@Pyatakov
Contributor

Description

GitBook's embed iframe at /~gitbook/embed/assistant sets a frame-ancestors CSP that rejects HTTP parents. When the Guardian frontend is served over plain HTTP (default docker-compose.yml on http://localhost:3000), this produces a console error on every page load and an empty panel when the floating See Docs button is clicked.

This PR gates the GitBook widget on window.location.protocol === 'https:' so it only activates in environments where it can actually function.

Related issue

Closes #5995

Checklist

  • Documented (Code comments, README, etc.)
  • Tested (unit, integration, etc.)
  • docker compose up → open http://localhost:3000; confirm no Refused to load …/~gitbook/embed/assistant error in the console, no floating See Docs button, sidebar Documentation toggle is greyed out with cursor: not-allowed and shows the tooltip on hover; clicking it does nothing.
  • docker compose -f docker-compose.yml -f docker-compose.ssl.yml up → open https://localhost; confirm the See Docs button appears, opens a populated GitBook iframe, the sidebar toggle hides/shows the widget, and clipboard-write is present on the widget iframe's allow attribute.

@Pyatakov Pyatakov self-assigned this Apr 24, 2026
@Pyatakov Pyatakov requested review from a team as code owners April 24, 2026 22:10
GitBook's embed iframe sets a frame-ancestors CSP that rejects HTTP
parents, producing a console error on every page load and an empty
"See Docs" panel. Gate the embed script, init, and widget observers
on window.location.protocol === 'https:'. Disable the sidebar
Documentation toggle with a tooltip when unavailable so it no longer
looks interactive.

Signed-off-by: Alex Piatakov <alex.piatakov@swirldslabs.com>
@Pyatakov Pyatakov force-pushed the fix/gitbook-widget-http-csp-error branch from bea10a4 to 5ff6844 Compare April 24, 2026 22:12
@github-actions

github-actions Bot commented Apr 24, 2026

Test Results

 32 files  ±0   64 suites  ±0   8m 11s ⏱️ ±0s
 35 tests ±0   35 ✅ ±0  0 💤 ±0  0 ❌ ±0 
165 runs  ±0  165 ✅ ±0  0 💤 ±0  0 ❌ ±0 

Results for commit 5ff6844. ± Comparison against base commit 1fa9ec8.

♻️ This comment has been updated with latest results.
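
The behaviour the PR description relies on, as an added example that is not part of the pull request or of Guardian's or GitBook's code: a simplified `frame-ancestors` matcher showing why an HTTP parent is refused while an HTTPS parent is allowed, next to the protocol gate the PR describes. The function names and the sample policy are assumptions; the header GitBook actually sends is not shown on this page.

```javascript
// Simplified frame-ancestors check (added example; not Guardian or GitBook code).
// Handles 'none', '*', scheme sources ("https:") and host sources with an
// explicit scheme and optional "*." wildcard. 'self', ports and paths are ignored.
function schemeMatches(exprScheme, urlScheme) {
  // CSP lets an "http" source also match "https", never the reverse.
  return exprScheme === urlScheme || (exprScheme === 'http' && urlScheme === 'https');
}

function sourceMatches(source, parent) {
  if (source === '*') return ['http', 'https'].includes(parent.scheme);
  const schemeOnly = /^([a-z][a-z0-9+.-]*):$/i.exec(source);
  if (schemeOnly) return schemeMatches(schemeOnly[1].toLowerCase(), parent.scheme);
  const hostSrc = /^([a-z][a-z0-9+.-]*):\/\/(\*\.)?([^/:]+)/i.exec(source);
  if (!hostSrc) return false; // form not handled in this sketch: treat as no match
  const [, scheme, wildcard, host] = hostSrc;
  if (!schemeMatches(scheme.toLowerCase(), parent.scheme)) return false;
  return wildcard ? parent.host.endsWith('.' + host.toLowerCase())
                  : parent.host === host.toLowerCase();
}

function frameAncestorsAllows(cspHeader, parentUrl) {
  const u = new URL(parentUrl);
  const parent = { scheme: u.protocol.slice(0, -1), host: u.hostname };
  const directive = cspHeader.split(';').map((d) => d.trim().split(/\s+/))
    .find((tokens) => tokens[0].toLowerCase() === 'frame-ancestors');
  if (!directive) return true; // no frame-ancestors directive: framing is not restricted by CSP
  const sources = directive.slice(1);
  const onlyNone = sources.length === 1 && sources[0].toLowerCase() === "'none'";
  if (sources.length === 0 || onlyNone) return false;
  return sources.some((s) => sourceMatches(s, parent));
}

// The gate described in the PR: only activate the widget on HTTPS pages.
// In the browser the argument would be window.location.protocol.
function widgetAvailable(protocol) {
  return protocol === 'https:';
}

// Constructed policy for illustration only.
const SAMPLE_CSP = "default-src 'self'; frame-ancestors https:";
```

With the constructed policy, the gate and the CSP decision agree for both deployments named in the checklist: `http://localhost:3000` is refused and `https://localhost` is allowed.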
