Introduces CSRF protection to all sensitive controller actions, integrates configurable CAPTCHA (reCAPTCHA v2/v3, Turnstile) for authentication and registration flows, and centralizes input validation via a new InputValidator helper. Adds new helpers and services for CSRF and CAPTCHA, updates settings and migration for CAPTCHA configuration, and enhances logging and error handling in TLD registry import processes. Also improves validation for user, domain, group, and profile inputs throughout the application.
Enhanced error messages for missing channel configuration fields in NotificationGroupController. Updated Discord and Slack webhook input handling to use distinct field names, improved form validation and required field logic in the edit group view, and added user guidance for webhook URLs.
