🔧 Fix CORS and API endpoint issues

- Fix API endpoint paths (remove trailing slashes for 405 errors)
- Update API URLs to use api-todo.hyungi.net subdomain for HTTPS compatibility
- Improve CORS settings parsing in backend (handle brackets and quotes)
- Add frontend volume mount to docker-compose for real-time file updates
- Update Synology deployment config with wildcard CORS settings

Resolves:
- 405 Method Not Allowed errors
- Mixed Content security issues (HTTPS → HTTP)
- CORS preflight request failures
- Docker build requirements for every file change

Tested: API endpoints now correctly use HTTPS subdomain, eliminating security blocks

docker-compose.yml

@@ -5,6 +5,9 @@ services:
       dockerfile: Dockerfile
     ports:
       - "${FRONTEND_PORT:-4000}:80"
+    volumes:
+      # 프론트엔드 파일 실시간 반영 (개발용)
+      - ./frontend:/usr/share/nginx/html
     depends_on:
       - backend
     restart: unless-stopped
@@ -17,6 +20,8 @@ services:
       dockerfile: Dockerfile
     ports:
       - "${BACKEND_PORT:-9000}:9000"
+      # HTTPS용 포트 (SSL 인증서 있는 경우)
+      # - "9443:9443"
     depends_on:
       database:
         condition: service_healthy