#21450: Android: allow HTTP for LAN hosts

## Summary\n- Avoid forcing HTTPS for dotted LAN hosts in Android gateway canvas URLs.\n- This fixes WebView loading on LAN/IP endpoints where the gateway serves HTTP only.\n\n## Problem\nThe Android app currently treats any host containing a dot as TLS and rewrites canvas URLs to https. For LAN IPs or local DNS (e.g., 192.168.x.x, .local), this breaks A2UI loading and yields connection errors.\n\n## Fix\nOnly auto‑enable TLS when the port is 443. This keeps HTTPS for reverse proxies while allowing HTTP on LAN endpoints.\n\n## Testing\n- Built Android debug APK locally.\n- Verified A2UI endpoint loads over HTTP on LAN.\n <!-- greptile_comment --> <h3>Greptile Summary</h3> Fixed Android WebView loading on LAN/IP endpoints by removing the heuristic that forced HTTPS for any host containing a dot. The previous logic (`endpoint.host.contains(".")`) incorrectly treated LAN IPs like `192.168.x.x` and `.local` hostnames as TLS-enabled, breaking HTTP-only gateway connections. The fix simplifies TLS detection to only check `endpoint.port == 443`, which resolves the immediate LAN issue. However, the `GatewayEndpoint` already has a `tlsEnabled` field populated from mDNS discovery that would be a more accurate source of truth for TLS detection. <h3>Confidence Score: 4/5</h3> - Safe to merge with low risk - fixes a real Android LAN connectivity issue - The change correctly addresses the immediate problem of LAN HTTP connections being forced to HTTPS. The simplified port-based heuristic (port 443 only) is reasonable for the common case. Minor improvement opportunity exists to use the existing `tlsEnabled` field for more accurate TLS detection, but the current fix is functionally correct for the stated use case. - No files require special attention _{Last reviewed commit: 760466f} <!-- greptile_other_comments_section --> _{(2/5) Greptile learns from your feedback when you react with thumbs up/down!} <!-- /greptile_comment -->