Update phishing config request logic

[whymarrh]

This change updates the PhishingController config request logic to:

1. Use the official GitHub API for repo contents (see Replace Infura blacklist endpoint #219)
2. Handle 403 responses, as the GH API will rate limit with that status code

Note that the current query interval, 180000 ms, will be fewer than 60 requests per hour:

For unauthenticated requests, the rate limit allows for up to 60 requests per hour. Unauthenticated requests are associated with the originating IP address, and not the user making requests.

And, per the docs, 304 responses don't count towards the rate limit:

Making a conditional request and receiving a 304 response does not count against your Rate Limit, so we encourage you to use it whenever possible.

See also:

• GitHub REST API v3 - Media Types
• GitHub REST API v3 - Rate limiting
• GitHub REST API v3 - Conditional requests

[whymarrh]

And, per the docs, 304 responses don't count towards the rate limit:

Making a conditional request and receiving a 304 response does not count against your Rate Limit, so we encourage you to use it whenever possible.

Though this might not apply to unauthenticated requests:

curl -sSL \
--dump-header /dev/fd/1 \
--output /dev/null \
--header 'Accept: application/vnd.github.v3.raw+json' \
--header 'If-None-Match: "85c5475f72353f82a0f712c1e7c9a6478ab1c7a7"' \
https://api.github.com/repos/MetaMask/eth-phishing-detect/contents/src/config.json

Running this sees the X-Ratelimit-Remaining decrease. 🤷🏽‍♂️ The existing interval should be fine, though NAT will definitely cause co-located users to hit that rate limit.

[whymarrh]

I've tested this with the extension and it works as expected.

[Gudahtt]

LGTM, thanks!