[GEOS-11379] Refactor inline JavaScript in the OGC API modules #7587

Open
wants to merge 1 commit into
base: main

sikeoka
Contributor

@sikeoka sikeoka commented Apr 30, 2024

This PR moves the inline JavaScript in all of the OGC API community modules into external files. This PR is related to Content-Security-Policy work for GeoServer 2.26.0 and should NOT be backported.

All Java inputs that were previously written directly into the script tag are now written to hidden input fields that the external JavaScript file will read. Enabling HTML escaping was necessary to not introduce new vulnerabilities with this PR, but that also required changing how the pagecrumbs are initialized everywhere.

This PR uses the new webresources path added to gs-main by #7554, which does not affect unit tests but is required if attempting to manually run GeoServer with these changes.

Checklist

For core and extension modules:

  • New unit tests have been added covering the changes.
  • Documentation has been updated (if change is visible to end users).
  • The REST API docs have been updated (when changing configuration objects or the REST controllers).
  • There is an issue in the GeoServer Jira (except for changes that do not affect administrators or end users in any way).
  • Commit message(s) must be in the form [GEOS-XYZWV] Title of the Jira ticket.
  • Bug fixes and small new features are presented as a single commit.
  • Each commit has a single objective (if there are multiple commits, each has a separate JIRA ticket describing its goal).
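
The pattern described in this PR, as an added sketch that is not code from the PR or from GeoServer: a server-side value written into an inline script versus the same value written, HTML-escaped, into a hidden input that an external script reads. The function names, the `baseURL` id and the sample value are constructed for illustration, and `readHiddenInput` stands in for what `document.getElementById(id).value` returns in a browser.

```javascript
// Constructed sample: a server-side value containing markup-significant characters.
const SAMPLE = 'http://localhost:8080/geoserver/ogc?a=1&b="x"</script>';

// HTML-escape a value so it is safe inside a double-quoted attribute.
function escapeHtml(value) {
  return String(value)
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

// Before: the value is interpolated into an inline <script>. The page needs
// 'unsafe-inline' (or a nonce) under CSP, and the value can end the string
// or the script element early.
function renderInlineScript(name, value) {
  return `<script>var ${name} = "${value}";</script>`;
}

// After: the value travels as escaped data; the page itself carries no script.
function renderHiddenInput(id, value) {
  return `<input type="hidden" id="${escapeHtml(id)}" value="${escapeHtml(value)}"/>`;
}

// Stand-in for the browser: find the input and decode its attribute entities.
// The id is assumed to be a plain identifier (no regex metacharacters).
function readHiddenInput(html, id) {
  const m = html.match(new RegExp(`<input type="hidden" id="${id}" value="([^"]*)"/>`));
  if (!m) return null;
  return m[1]
    .replace(/&lt;/g, "<").replace(/&gt;/g, ">")
    .replace(/&quot;/g, '"').replace(/&#39;/g, "'")
    .replace(/&amp;/g, "&"); // decode &amp; last so "&amp;lt;" round-trips as "&lt;"
}

// Count how many times the markup closes a script element.
function countScriptClosers(html) {
  return html.split("</script>").length - 1;
}

const inline = renderInlineScript("baseURL", SAMPLE);
const hidden = renderHiddenInput("baseURL", SAMPLE);
console.log("inline script closers:", countScriptClosers(inline));
console.log("hidden input markup:  ", hidden);
console.log("value read by script: ", readHiddenInput(hidden, "baseURL"));
```

With the hidden-input form, the external file can be served under a `script-src` policy that omits `'unsafe-inline'`, and the value reaches the script only as a string.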
