[SSF-156] add url sanitization

[amywng]

ℹ️ Issue

Closes SSF-156

📝 Description

• added method to utils to sanitize URLs (trims whitespace, checks for http/https, validates format w/ URL constructor, ensures hostname exists)
• added URL sanitization to updateTrackingCostInfo method in order.service.ts
• wrote/added tests for utils method and orders method
• updated trackingCostDTO to only accept http/https protocols

✔️ Verification

wrote tests, tests pass
verified behavior in postman

🏕️ (Optional) Future Work / Notes

[dburkhart07]

one more thing!!!!

[dburkhart07]

lgtm!!! 🗽 🍵 🧋

[dburkhart07]

Note for @sam-schu and @Yurika-Kan for future ticketing. We will likely need some form of proper checking to ensure the url is a dns-registered/reachable one. I initially suggested we implement it in the sanitization check, but this really wouldn't work, since we can't assume the url in the database is valid (e.g i publish a site, we save that as the url, then i take it down, and now the tracking link is not valid). To be safe, I think we should be checking each time we retrieve the order from the backend that the url is dns-registered (but something for a future ticket perhaps). If you have other thoughts let me know.